baf-fin.xyz Open in urlscan Pro
2606:4700:3037::6815:582 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://baf-fin.xyz/
Effective URL:
https://baf-fin.xyz/
Submission: On February 14 via manual (February 14th 2022, 7:07:45 pm UTC) from CA — Scanned from CA

Summary HTTP 308 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 90 IPs in 7 countries across 73 domains to perform 308 HTTP transactions. The main IP is 2606:4700:3037::6815:582, located in United States and belongs to CLOUDFLARENET, US. The main domain is baf-fin.xyz.
TLS certificate: Issued by E1 on February 14th 2022. Valid for: 3 months.

This is the only time baf-fin.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3037::6815:582	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	2a04:4e42:600... 2a04:4e42:600::268	54113 (FASTLY) (FASTLY)
1	89.187.164.66 89.187.164.66	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
4	2600:9000:210... 2600:9000:210b:a400:1:28b3:b280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.84.42.7 99.84.42.7	16509 (AMAZON-02) (AMAZON-02)
19	2600:1400:d:5... 2600:1400:d:597::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	104.16.254.71 104.16.254.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.143.85 143.204.143.85	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
7	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
2	2600:141b:500... 2600:141b:5000:38b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
3	157.230.5.204 157.230.5.204	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2606:4700::68... 2606:4700::6812:1cb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
2 4	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:82d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 22	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
2	54.158.135.134 54.158.135.134	14618 (AMAZON-AES) (AMAZON-AES)
1 7	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	143.204.143.67 143.204.143.67	16509 (AMAZON-02) (AMAZON-02)
1 8	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 2	104.18.99.194 104.18.99.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:808::200d	15169 (GOOGLE) (GOOGLE)
1	52.48.200.82 52.48.200.82	16509 (AMAZON-02) (AMAZON-02)
1	13.226.31.123 13.226.31.123	16509 (AMAZON-02) (AMAZON-02)
5	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.36.253.92 20.36.253.92	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2006	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:ba61:0:1... 2a00:ba61:0:126::c	35625 (EURAFIBRE-AS) (EURAFIBRE-AS)
5	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	2600:9000:21d... 2600:9000:21da:3e00:1c:cd6a:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:10:... 2606:4700:10::6816:156c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.47.14 99.84.47.14	16509 (AMAZON-02) (AMAZON-02)
1	34.139.78.128 34.139.78.128	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:46::40 2620:1ec:46::40	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.143.56 143.204.143.56	16509 (AMAZON-02) (AMAZON-02)
1	74.119.119.142 74.119.119.142	19750 (AS-CRITEO) (AS-CRITEO)
9	2607:f8b0:402... 2607:f8b0:4020:1::a	15169 (GOOGLE) (GOOGLE)
1 9	2600:9000:212... 2600:9000:2120:ce00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	51.143.53.193 51.143.53.193	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:10:... 2606:4700:10::ac43:246a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
3	54.186.207.31 54.186.207.31	16509 (AMAZON-02) (AMAZON-02)
8 12	34.226.254.117 34.226.254.117	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:303... 2606:4700:3036::ac43:8404	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
4 5	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 3	23.221.203.181 23.221.203.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.231.80.183 3.231.80.183	14618 (AMAZON-AES) (AMAZON-AES)
1 3	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
2	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 3	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
4 4	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2 3	3.224.160.131 3.224.160.131	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1	23.198.216.120 23.198.216.120	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	68.67.179.113 68.67.179.113	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.102.166.132 34.102.166.132	15169 (GOOGLE) (GOOGLE)
1	124.146.215.46 124.146.215.46	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	124.146.215.3 124.146.215.3	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.213.64.42 3.213.64.42	14618 (AMAZON-AES) (AMAZON-AES)
1	23.52.167.93 23.52.167.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.150.59.174 54.150.59.174	16509 (AMAZON-02) (AMAZON-02)
1	3.34.78.228 3.34.78.228	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20ed:3000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	99.84.125.119 99.84.125.119	16509 (AMAZON-02) (AMAZON-02)
1	34.203.16.143 34.203.16.143	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.39.245.80 52.39.245.80	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
308	90

8 2606:4700:3037::6815:582 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

baf-fin.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 2a04:4e42:600::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.164.66 (Dallas, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-711.bunnyinfra.net

bcdn.starapps.studio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2008 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:210b:a400:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.42.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-7.ewr52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:1400:d:597::1d72 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.16.254.71 (None, )

ASN13335 (CLOUDFLARENET, US)

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.143.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-143-85.ewr52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80d::200e (Queens, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:5000:38b::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.230.5.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

foursixty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1cb4 (United States)

ASN13335 (CLOUDFLARENET, US)

config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2002 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:820::200e (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.158.135.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-135-134.compute-1.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:823::2004 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.143.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-143-67.ewr52.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.84 (United States) 1 redirects

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.99.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::200d (Queens, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.200.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-200-82.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.31.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-31-123.ewr53.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.36.253.92 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2006 (Queens, United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2001 (Queens, United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::2016 (Queens, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:ba61:0:126::c (France)

ASN35625 (EURAFIBRE-AS, FR)

rr1---sn-apaapm4g-apae.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:3e00:1c:cd6a:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets1.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:156c (United States)

ASN13335 (CLOUDFLARENET, US)

shopify.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.47.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-47-14.ewr52.r.cloudfront.net

d34uoa9py2cgca.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.139.78.128 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 128.78.139.34.bc.googleusercontent.com

geolocation-recommendations.shopifycloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::40 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

swymv3free-01.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.143.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-143-56.ewr52.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.142 (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:1::a (Montreal, Canada)

ASN15169 (GOOGLE, US)

rr5---sn-t0a7ln7d.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2120:ce00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.143.53.193 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

swymstore-v3free-01.swymrelay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:246a (United States)

ASN13335 (CLOUDFLARENET, US)

api.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.207.31 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-207-31.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.226.254.117 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-254-117.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:8404 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

privymktg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2004 (Queens, United States)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::c (United States) 4 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.221.203.181 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-203-181.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.231.80.183 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-80-183.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.45.33.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.22.214 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.151 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.224.160.131 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-160-131.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.198.216.120 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-120.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.113 (Secaucus, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.46 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.3 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

adgen.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.64.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-64-42.compute-1.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.150.59.174 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-59-174.ap-northeast-1.compute.amazonaws.com

sync.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.34.78.228 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-34-78-228.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:3000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.125.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-119.ewr52.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.16.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-16-143.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.39.245.80 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-245-80.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2239	889 KB
22	adroll.com 9 redirects assets1.adroll.com — Cisco Umbrella Rank: 27769 s.adroll.com — Cisco Umbrella Rank: 2263 d.adroll.com — Cisco Umbrella Rank: 1329	145 KB
22	youtube.com 1 redirects www.youtube.com — Cisco Umbrella Rank: 87	810 KB
21	yotpo.com staticw2.yotpo.com — Cisco Umbrella Rank: 6424 p.yotpo.com — Cisco Umbrella Rank: 5999	196 KB
15	criteo.com 8 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4688 gum.criteo.com — Cisco Umbrella Rank: 355 mug.criteo.com — Cisco Umbrella Rank: 3197 sslwidget.criteo.com — Cisco Umbrella Rank: 1671 widget.us.criteo.com — Cisco Umbrella Rank: 20189 dis.criteo.com — Cisco Umbrella Rank: 619	18 KB
13	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 86 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 62	147 KB
12	googlevideo.com rr1---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 580150 rr5---sn-t0a7ln7d.googlevideo.com — Cisco Umbrella Rank: 127805	2 MB
11	userway.org cdn.userway.org — Cisco Umbrella Rank: 5063 api.userway.org — Cisco Umbrella Rank: 4921	145 KB
10	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2918	2 KB
8	baf-fin.xyz 1 redirects baf-fin.xyz	92 KB
7	privy.com shopify.privy.com — Cisco Umbrella Rank: 17107 api.privy.com — Cisco Umbrella Rank: 12663 assets.privy.com — Cisco Umbrella Rank: 20238 events.privy.com — Cisco Umbrella Rank: 20237	245 KB
7	clarity.ms 1 redirects i.clarity.ms — Cisco Umbrella Rank: 2013 c.clarity.ms — Cisco Umbrella Rank: 693	24 KB
7	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 331 c.bing.com — Cisco Umbrella Rank: 212	13 KB
7	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 static.doubleclick.net — Cisco Umbrella Rank: 309 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	3 KB
6	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 269 ads.yahoo.com — Cisco Umbrella Rank: 835 sp.analytics.yahoo.com — Cisco Umbrella Rank: 796	2 KB
5	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3797 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4158	30 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	4 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	762 B
5	gorgias.chat config.gorgias.chat — Cisco Umbrella Rank: 14413 assets.gorgias.chat — Cisco Umbrella Rank: 15501	269 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 350	4 KB
4	pinterest.ca www.pinterest.ca — Cisco Umbrella Rank: 24947	15 KB
4	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 810 www.pinterest.com — Cisco Umbrella Rank: 1008	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	288 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 574 script.hotjar.com — Cisco Umbrella Rank: 726 vars.hotjar.com — Cisco Umbrella Rank: 809 in.hotjar.com — Cisco Umbrella Rank: 1615	66 KB
4	weglot.com cdn.weglot.com — Cisco Umbrella Rank: 13258	31 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 357	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
3	mediawallahscript.com 2 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 1741	2 KB
3	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 356	1 KB
3	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 752 simage2.pubmatic.com — Cisco Umbrella Rank: 552	1 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488 r.casalemedia.com — Cisco Umbrella Rank: 1839	3 KB
3	azureedge.net swymv3free-01.azureedge.net — Cisco Umbrella Rank: 33194	115 KB
3	gstatic.com fonts.gstatic.com ssl.gstatic.com	37 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 8810	629 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
3	foursixty.com foursixty.com — Cisco Umbrella Rank: 21654	69 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31 google-analytics.com — Cisco Umbrella Rank: 24	20 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 187	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	1 KB
2	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1249 adgen.socdm.com — Cisco Umbrella Rank: 3470	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 283	60 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 717	790 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 307	817 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	2 KB
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 497	543 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 667	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	82 KB
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 1921 polyfill.io — Cisco Umbrella Rank: 1195	798 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 754	418 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1796	336 B
1	adtdp.com ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 1739	886 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	241 B
1	dable.io adx.dable.io — Cisco Umbrella Rank: 3404	142 B
1	ad-stir.com sync.ad-stir.com — Cisco Umbrella Rank: 1970	455 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 478	783 B
1	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 1952	414 B
1	tpmn.co.kr ad.tpmn.co.kr — Cisco Umbrella Rank: 3251	601 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1163	425 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 725	222 B
1	privymktg.com 1 redirects privymktg.com — Cisco Umbrella Rank: 20017	867 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	13 KB
1	swymrelay.com swymstore-v3free-01.swymrelay.com — Cisco Umbrella Rank: 40026	1 KB
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 25961	1 KB
1	shopifycloud.com geolocation-recommendations.shopifycloud.com — Cisco Umbrella Rank: 15929	20 KB
1	cloudfront.net d34uoa9py2cgca.cloudfront.net	790 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 103	55 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	1 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2057	256 B
1	shop.app shop.app — Cisco Umbrella Rank: 5495	996 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1464	38 KB
1	starapps.studio bcdn.starapps.studio — Cisco Umbrella Rank: 37102	13 KB
308	73

	Domain	Requested by
64	cdn.shopify.com	baf-fin.xyz cdn.shopify.com cdn.userway.org
22	www.youtube.com	1 redirects cdn.shopify.com www.youtube.com
19	staticw2.yotpo.com	baf-fin.xyz staticw2.yotpo.com cdn.shopify.com
12	d.adroll.com	8 redirects s.adroll.com cdn.shopify.com
10	monorail-edge.shopifysvc.com	cdn.shopify.com
9	s.adroll.com	1 redirects assets1.adroll.com s.adroll.com cdn.shopify.com
9	rr5---sn-t0a7ln7d.googlevideo.com	www.youtube.com
8	cdn.userway.org	accessibilityserver.org cdn.userway.org cdn.shopify.com
8	baf-fin.xyz	1 redirects cdn.shopify.com
7	www.google.com	1 redirects baf-fin.xyz apis.google.com www.google.com www.youtube.com
6	bat.bing.com	baf-fin.xyz bat.bing.com
5	gum.criteo.com	4 redirects static.criteo.net
5	i.clarity.ms	bat.bing.com cdn.shopify.com
5	www.facebook.com	baf-fin.xyz
5	apis.google.com	baf-fin.xyz apis.google.com accounts.google.com
4	secure.adnxs.com	3 redirects
4	widget.us.criteo.com
4	assets.privy.com	shopify.privy.com assets.privy.com
4	www.pinterest.ca	s.pinimg.com baf-fin.xyz
4	googleads.g.doubleclick.net	2 redirects www.googleadservices.com www.youtube.com
4	connect.facebook.net	staticw2.yotpo.com connect.facebook.net
4	cdn.weglot.com	baf-fin.xyz cdn.weglot.com
3	pixel.tapad.com	2 redirects
3	match.adsrvr.org	3 redirects
3	partner.mediawallahscript.com	2 redirects
3	dis.criteo.com	3 redirects
3	eb2.3lift.com	1 redirects
3	ups.analytics.yahoo.com	1 redirects
3	api.userway.org	cdn.shopify.com
3	swymv3free-01.azureedge.net	baf-fin.xyz swymv3free-01.azureedge.net
3	static.klaviyo.com	baf-fin.xyz static.klaviyo.com
3	rr1---sn-apaapm4g-apae.googlevideo.com	www.youtube.com
3	assets.gorgias.chat	config.gorgias.chat baf-fin.xyz
3	px.ads.linkedin.com	3 redirects
3	ct.pinterest.com	cdn.shopify.com baf-fin.xyz
3	www.google.ca	baf-fin.xyz
3	fonts.googleapis.com	staticw2.yotpo.com assets.privy.com
3	foursixty.com	baf-fin.xyz foursixty.com cdn.shopify.com
2	dpm.demdex.net	1 redirects
2	x.bidswitch.net	1 redirects
2	simage2.pubmatic.com
2	idsync.rlcdn.com
2	ads.yahoo.com
2	sync.outbrain.com
2	pixel.advertising.com	2 redirects
2	pixel.rubiconproject.com
2	dsum-sec.casalemedia.com	1 redirects
2	static-tracking.klaviyo.com	static.klaviyo.com
2	c.clarity.ms	1 redirects baf-fin.xyz
2	p.adsymptotic.com	1 redirects baf-fin.xyz
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	p.yotpo.com	baf-fin.xyz
2	config.gorgias.chat	baf-fin.xyz config.gorgias.chat
2	s.pinimg.com	cdn.shopify.com s.pinimg.com
2	www.google-analytics.com	cdn.shopify.com baf-fin.xyz
2	www.googletagmanager.com	baf-fin.xyz
1	d.turn.com	1 redirects
1	trends.revcontent.com
1	ad.as.amanad.adtdp.com
1	s.ad.smaato.net
1	adx.dable.io
1	r.casalemedia.com
1	sync.ad-stir.com
1	contextual.media.net
1	cs.adingo.jp
1	adgen.socdm.com
1	tg.socdm.com
1	ad.tpmn.co.kr
1	cw.addthis.com
1	sp.analytics.yahoo.com
1	cm.g.doubleclick.net	1 redirects
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	gum.criteo.com
1	sync.taboola.com
1	image2.pubmatic.com
1	google-analytics.com
1	privymktg.com	1 redirects
1	events.privy.com	cdn.shopify.com
1	static.criteo.net	dynamic.criteo.com
1	api.privy.com	cdn.shopify.com
1	swymstore-v3free-01.swymrelay.com	cdn.shopify.com
1	www.pinterest.com	1 redirects
1	dynamic.criteo.com	baf-fin.xyz
1	accessibilityserver.org	baf-fin.xyz
1	geolocation-recommendations.shopifycloud.com	baf-fin.xyz
1	d34uoa9py2cgca.cloudfront.net	baf-fin.xyz
1	shopify.privy.com	baf-fin.xyz
1	assets1.adroll.com	baf-fin.xyz
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	ssl.gstatic.com	accounts.google.com
1	c.bing.com	1 redirects
1	vc.hotjar.io	cdn.shopify.com
1	in.hotjar.com	cdn.shopify.com
1	accounts.google.com	apis.google.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	shop.app	cdn.shopify.com
1	snap.licdn.com	baf-fin.xyz
1	stats.g.doubleclick.net	cdn.shopify.com
1	polyfill.io	baf-fin.xyz
1	www.googleadservices.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	baf-fin.xyz
1	www.googleoptimize.com	baf-fin.xyz
1	cdn.polyfill.io	baf-fin.xyz
1	bcdn.starapps.studio	baf-fin.xyz
308	109

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.baffin.com

Subject Issuer	Validity	Valid
*.baf-fin.xyz E1	`2022-02-14` - `2022-05-15`	3 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
bcdn.starapps.studio R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.weglot.com Amazon	`2021-04-08` - `2022-05-07`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
monorail-edge.shopifysvc.com R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
foursixty.com Go Daddy Secure Certificate Authority - G2	`2021-09-29` - `2022-10-31`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
gorgias.chat Cloudflare Inc ECC CA-3	`2022-02-14` - `2022-05-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
shop.app R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2022-02-01` - `2022-04-12`	2 months	crt.sh
static.klaviyo.com R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
assets1.adroll.com Amazon	`2021-08-18` - `2022-09-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
geolocation-recommendations.shopifycloud.com R3	`2022-01-24` - `2022-04-24`	3 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 02	`2022-02-10` - `2023-02-05`	a year	crt.sh
accessibilityserver.org Amazon	`2021-12-09` - `2023-01-05`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-02-01` - `2022-04-12`	2 months	crt.sh
static-tracking.klaviyo.com R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.swymrelay.com Go Daddy Secure Certificate Authority - G2	`2021-02-10` - `2022-03-14`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
api.userway.org Amazon	`2021-11-02` - `2022-11-30`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-02-07` - `2022-03-30`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
ad.tpmn.co.kr GTS CA 1D4	`2021-12-30` - `2022-03-30`	3 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2020-04-24` - `2022-06-02`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.ad-stir.com AlphaSSL CA - SHA256 - G2	`2021-11-10` - `2022-12-12`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.dable.io Amazon	`2021-07-11` - `2022-08-09`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.as.amanad.adtdp.com Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh
revcontent.com Amazon	`2021-12-21` - `2023-01-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://baf-fin.xyz/
Frame ID: 97585D5442DD75AF808E747B778AA488
Requests: 227 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=256718822&origin=https%3A%2F%2Fbaf-fin.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
Frame ID: E383B91D3F2E647C947971899B7F2DEB
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: D201A57D488E65BE62298095CCC2CE9C
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fbaf-fin.xyz&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
Frame ID: 62D52641F7A7FA09514B641C0586A4F8
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
Frame ID: C573EBC98617DF4B35F73F1D945F104B
Requests: 39 HTTP requests in this frame

Frame: https://www.pinterest.ca/ct.html
Frame ID: C1037C0630F40ACB6A897D22155F6FE2
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=baf-fin.xyz&origin=onetag&gdpr=0&gdpr_consent=null
Frame ID: 54E55130A248FFA22EC63BF39DEA24F4
Requests: 2 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=nf2WBZG2esKjEMAnXMFxa14UeqVGyirT
Frame ID: 6B92ADE0B4D5048A4FF938F1B8C22B82
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baffin Boots & Footwear | Born in the North '79 – Baffin - Born in the North '79 Chevron pointing leftChevron pointing rightAmerican ExpressApple PayDiners ClubDiscoverGoogle PayMastercardShop PayVisa

Page URL History Show full URLs

http://baf-fin.xyz/ HTTP 301
https://baf-fin.xyz/ Page URL

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

cdn\.weglot\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

308
Requests

92 %
HTTPS

43 %
IPv6

73
Domains

109
Subdomains

90
IPs

7
Countries

5591 kB
Transfer

14898 kB
Size

118
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/baffinworldwide/

Search URL Search Domain Scan URL

URL: https://twitter.com/baffinworldwide?lang=en

Search URL Search Domain Scan URL

URL: https://www.instagram.com/baffinworldwide/?hl=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/baffinworldwide

Search URL Search Domain Scan URL

URL: https://www.baffin.com/collections/new-arrivals

Search URL Search Domain Scan URL

URL: https://www.instagram.com/baffinworldwide
Title: @baffinworldwide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://baf-fin.xyz/ HTTP 301
https://baf-fin.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976554&time=1644865655569&url=https%3A%2F%2Fbaf-fin.xyz%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976554&time=1644865655569&url=https%3A%2F%2Fbaf-fin.xyz%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2976554%26time%3D1644865655569%26url%3Dhttps%253A%252F%252Fbaf-fin.xyz%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976554&time=1644865655569&url=https%3A%2F%2Fbaf-fin.xyz%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976554&time=1644865655569&url=https%3A%2F%2Fbaf-fin.xyz%2F&cookiesTest=true&liSync=true&e_ipv6=AQI7JKAPKnIN-AAAAX75ohUVc86uGW8BIHKz2uQpZAAwmM5ndQ7hDIg5PORG9XDnBDYLjdAaMQ HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1db556c2-03e6-44b3-b929-74925a5fa0ce HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1db556c2-03e6-44b3-b929-74925a5fa0ce&_expected_cookie=e3d7b489f2f6bbe50ed6bb43a67c4d6a

Request Chain 152

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E7D210BEC1D74F74B3E503E439749151&RedC=c.clarity.ms&MXFR=0BB55A499C8965F70E304B0298896B2B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7D210BEC1D74F74B3E503E439749151&MUID=0954F295807269A81B2FE3DE81586854

Request Chain 163

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 193

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.ca/ct.html

Request Chain 209

https://s.adroll.com/j/exp/2TIXCSBXGRG6FFDNARQPOD/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 212

https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220208&foc_id=2Hpm81CXGDqgFC1OhBB3JQ&label=followon_view&ptype=no_rmkt&random=124869931 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220208&foc_id=2Hpm81CXGDqgFC1OhBB3JQ&label=followon_view&ptype=no_rmkt&random=124869931&cv_attributed=0 HTTP 302
https://www.google.com/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220208&label=followon_view&ptype=no_rmkt&random=124869931&is_vtc=0&random=3853726269 HTTP 302
https://www.google.ca/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220208&label=followon_view&ptype=no_rmkt&random=124869931&is_vtc=0&random=3853726269&ipr=y

Request Chain 232

https://privymktg.com/collect?v=1&cid=b13c46f8-2a43-43e0-9c50-a2510707d092&cd1=5511C7149F629EADDFF0ED42&tid=UA-20331028-1&t=pageview&ci=5511C7149F629EADDFF0ED42&cm=web&cn=5511C7149F629EADDFF0ED42&ec=widget&dl=https%3A%2F%2Fbaf-fin.xyz%2F&dt=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&ul=en-US&z=8106163910451931 HTTP 302
https://google-analytics.com/collect?v=1&cid=b13c46f8-2a43-43e0-9c50-a2510707d092&cd1=5511C7149F629EADDFF0ED42&tid=UA-20331028-1&t=pageview&ci=5511C7149F629EADDFF0ED42&cm=web&cn=5511C7149F629EADDFF0ED42&ec=widget&dl=https%3A%2F%2Fbaf-fin.xyz%2F&dt=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&ul=en-US&z=8106163910451931

Request Chain 238

https://d.adroll.com/cm/index/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expiration=1676401657 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expiration=1676401657&C=1

Request Chain 239

https://d.adroll.com/cm/n/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expires=365

Request Chain 240

https://d.adroll.com/cm/onevideo/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP603aec86-8dc9-11ec-88cc-0a77597fca49 HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP603aec86-8dc9-11ec-88cc-0a77597fca49&verify=true

Request Chain 241

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ

Request Chain 242

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 243

https://d.adroll.com/cm/r/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 244

https://d.adroll.com/cm/taboola/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ

Request Chain 245

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 258

https://gum.criteo.com/sid/json?origin=onetag&domain=baf-fin.xyz&sn=ChromeSyncframe&so=0&topUrl=baf-fin.xyz&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=yB8xwHxzZWtCR2s5WnN4dUZlL2JmeFU0N0dwZzVMck4xdDh2YkRUNklRcTRTUm9Velk4WjkrTmVKUWtlanVoTTdIQ2xocTIyNTdid0k3Z0k3LzROTENLY25uUUJMNys1ZU9Zbm8rQTAyaEtNaTFFa25KZGI3UjNzU2hzdFRyaHJhUENVUERzVkIwdGVFWHEyeldZWEd1cktmSTA3cm5jeFA1NzU5bHZRWlhQdHM3S0crSktveU5ndW4zU3YwWmpLM1lHRmJ5aUVkYy80ZlVXc0YzWG9QL1d6bmMxZkFJU2w0b0xsMjVYN3lJMUxVSWE1eHZjcEV0NkFaaGE4Z1RpWWYwL2Ivc04yK0VYTjR5QUpnVmVvUGxVUm5VQT09fA&cppv=2

Request Chain 273

https://sslwidget.criteo.com/event?a=90222&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-mc&p3=e%3Ddis&adce=1&bundle=S1hR1F8wZW9xeEthcCUyRnlBaERlQ2Rib2c0RXl4aE9Tc29jQUhUQ1Y0MGF2NWlNN1hyM0lNM3ZzUDBucWlWcVd0NXJGTVdqYXNOYnhvckVtamVEQTV0cjBJJTJCSjJTd3kxNGNNakpMQzJrbTJac3diZzRyN0ZmRWExUUU3b0dWZHdHdmdpbXhvaGlESTRPVVVYOWNMNVZxMjFqa1pRJTNEJTNE&tld=baf-fin.xyz&dy=1&dtycbr=42230&gra=0&grs=null&grv=2 HTTP 302
https://widget.us.criteo.com/event?a=90222&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-mc&p3=e%3Ddis&adce=1&bundle=S1hR1F8wZW9xeEthcCUyRnlBaERlQ2Rib2c0RXl4aE9Tc29jQUhUQ1Y0MGF2NWlNN1hyM0lNM3ZzUDBucWlWcVd0NXJGTVdqYXNOYnhvckVtamVEQTV0cjBJJTJCSjJTd3kxNGNNakpMQzJrbTJac3diZzRyN0ZmRWExUUU3b0dWZHdHdmdpbXhvaGlESTRPVVVYOWNMNVZxMjFqa1pRJTNEJTNE&tld=baf-fin.xyz&dy=1&dtycbr=42230&gra=0&grs=null&grv=2

Request Chain 275

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=nf2WBZG2esKjEMAnXMFxa14UeqVGyirT

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0xM3Q4MjhSYkgtSW4yNW5VV0NUbXVxRzRuUXdQNnpPSTVoVW1nQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0 HTTP 302
https://widget.us.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 277

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA&custom=&tag_format=img&tag_action=sync&custom=&cb=c6fa46ea-0d1a-4ee3-bcab-8f3007e73d6d HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=c6fa46ea-0d1a-4ee3-bcab-8f3007e73d6d&final=true&reqid=612c7850-8dc9-11ec-a415-516f1c31ded7&timestamp=2022-02-14T19%3A07%3A39.992Z HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=f678d41e-42ed-48fc-947c-13a04b7f58ba&tag_format=img&tag_action=sync&cb=

Request Chain 279

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d5781633-260d-4ccd-8f79-fe223c33f4ed%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d5781633-260d-4ccd-8f79-fe223c33f4ed%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f678d41e-42ed-48fc-947c-13a04b7f58ba&ttd_puid=d5781633-260d-4ccd-8f79-fe223c33f4ed%2C

Request Chain 286

https://secure.adnxs.com/setuid?entity=52&code=k-r2fQhcRbH-In25nUWCTmuqG4nQyI7sTokDl_3A&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-r2fQhcRbH-In25nUWCTmuqG4nQyI7sTokDl_3A%26seg%3D95287

Request Chain 298

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-E-ljBcRbH-In25nUWCTmuqG4nQzv1iHq1Oeb1g&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E-ljBcRbH-In25nUWCTmuqG4nQzv1iHq1Oeb1g&expires=30&user_group=5

Request Chain 301

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6107103107772752485 HTTP 302
https://widget.us.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6107103107772752485

Request Chain 302

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gKydl6XGyhYrDqXcpo9n0ZdgBIZLG3zE HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gKydl6XGyhYrDqXcpo9n0ZdgBIZLG3zE

Request Chain 304

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/T7l7jPAe0WC8Fi7zGu84d4YqdVMwZu0h/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3237634528132622962 HTTP 302
https://widget.us.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3237634528132622962

308 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
baf-fin.xyz/
Redirect Chain

http://baf-fin.xyz/
https://baf-fin.xyz/

814 KB
87 KB

231ms
199ms

Document
text/html

2606:4700:3037::6815:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ab60fa656beea84550da8c8e64009bfd6e3dae5d4cba57567ece93285923c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 14 Feb 2022 04:18:51 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVKL%2FfZSBIVLe6EOPXEJH%2FV195XGy92V951khy6amO42slLun2mKjO3A2JEyns7qB%2BWgeFVrjJjrSmZCHJ34hXDE058Jt%2BnY2X7aWuCh80DAUfNsFoCo4amQbuIq23VqYCCu%2FibufyEkCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dd894810cc27136-YUL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Mon, 14 Feb 2022 19:07:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 14 Feb 2022 20:07:33 GMT
Location: https://baf-fin.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E24MzJ73lIVh4CPc0Q5OKtCFO54NhCDP2%2F0BDQzsGUNzLXggUWjQfM1zteSCDOX%2BT%2FqKeLzXkuAoa9szCfQT9DaQ8acj76SmTI8j9B8WCFtu9KGmLZ0DI5FGEU7k2s2Y%2BBzRN6aXG5ne8g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6dd89480aac27145-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Territories_Mobile_2_x400.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 19 KB
19 KB 55ms
31ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Territories_Mobile_2_x400.jpg

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

8ce20ebbcdb71413f165261ae4f912d5d1063ab3a925deb76b3ad20e090b4ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.441,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 19222
x-xss-protection: 1; mode=block
x-request-id: 073a777a3126a643973c105ef24b3822
x-served-by: cache-lga21950-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.169599,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Territories_Mobile_2_x400.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 yellowknife_pre_order-mobile-2_x400.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 19 KB
19 KB 48ms
23ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/yellowknife_pre_order-mobile-2_x400.png

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

b01e9928daea4d9a51fb64020ddfed53a5b6587b48f4b599c8c75b69cd939055

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.594,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 19284
x-xss-protection: 1; mode=block
x-request-id: f28246ebaeda560316f06eb90e24f8a0
x-served-by: cache-lga13627-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.169177,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/yellowknife_pre_order-mobile-2_x400.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Territories_Desktop_800x.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 49 KB
50 KB 13ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Territories_Desktop_800x.jpg

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

b5236eeadd698087397ee8a8c641d245cd9006cd1bf1e20e65f754aea7c19be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.926,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 50466
x-xss-protection: 1; mode=block
x-request-id: fa92f23f4b0359cc36dfd765f23e5e99
x-served-by: cache-lga21958-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.213594,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Territories_Desktop_800x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 yellowknife_pre_order_800x.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 31 KB
32 KB 11ms
11ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/yellowknife_pre_order_800x.png

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

48c4707fd3fcaaa2ddc4b65f346eb6cb9d5b6adbff93374be3e10a9f8255ca01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.854,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 31926
x-xss-protection: 1; mode=block
x-request-id: 05e5134587dd87bba08943e2db807824
x-served-by: cache-lga21939-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.229127,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/yellowknife_pre_order_800x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 script-1639121469.js Show response
bcdn.starapps.studio/apps/via/baffin-inc/ 48 KB
13 KB 182ms
54ms Script
application/javascript 89.187.164.66
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://bcdn.starapps.studio/apps/via/baffin-inc/script-1639121469.js?shop=baffin-inc.myshopify.com
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.164.66 Dallas, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-711.bunnyinfra.net
Software: BunnyCDN-TX1-711 /
Resource Hash: e713dafa3d4d5303d3b7ae3e171b3ca4ac95356b7fb212d5fa5bd4ea3fa03b1e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: br
cdn-edgestorageid: 711
cdn-fileserver: 159
cdn-storageserver: LA-109
cdn-cachedat: 12/10/2021 07:42:39
cdn-pullzone: 167988
server: BunnyCDN-TX1-711
last-modified: Fri, 10 Dec 2021 07:31:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"61b3023e-c035"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 3712be04-dd87-41bb-adc7-5d9ff1e853cc
cache-control: must-revalidate, max-age=60
cdn-requestid: 33dae750f67df2237ea307ef3f6ff122
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 10 KB
3 KB 38ms
12ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.113,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2790
x-xss-protection: 1; mode=block
x-request-id: 01ed4e01c1ff49900ac9ae1712128fd5
x-served-by: cache-lga13626-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865654.264290,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js>; rel="canonical"
x-cache-hits: 1, 1080402

GET
H2 200 storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
17 KB 46ms
20ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.290,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 17353
x-xss-protection: 1; mode=block
x-request-id: e6dfe2566243e86db9e886107c8e90f3
x-served-by: cache-lga21934-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865654.264393,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits: 4, 653031

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
12 KB 39ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.212,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 12298
x-xss-protection: 1; mode=block
x-request-id: e2306559e74cd241e094843a1c9af675
x-served-by: cache-lga21941-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865654.264381,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 1, 987019

GET
H2 200 theme.css
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 204 KB
31 KB 36ms
13ms Stylesheet
text/css 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/theme.css?v=9867031051457660627

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

ad4b242488febec57a97418e13707a339f091b2ada141d343bf377bbfbc51c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.726,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 31934
x-xss-protection: 1; mode=block
x-request-id: 5d6c175b927b45fe44d1c001e18d9101
x-served-by: cache-lga21931-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.168744,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/theme.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 custom.css
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 2 KB
851 B 48ms
25ms Stylesheet
text/css 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/custom.css?v=13841629088515183296

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

af98397149c4225f0531f56685584366b5b55f0cc9ec99bfb858aea9376d4d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.004,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 614
x-xss-protection: 1; mode=block
x-request-id: 2221e508b433dc42a9ddc3d5917fb897
x-served-by: cache-lga21956-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.168810,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/custom.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 lazysizes.min.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 24 KB
8 KB 12ms
9ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/lazysizes.min.js?v=17435836340443258698

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

e1fd54ab6ddcbd5c290bf0293dc1e428a8bc0ee2a2723b344398d663449487c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.462,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 7624
x-xss-protection: 1; mode=block
x-request-id: 9489d0130e4c5ca4868d976d96002a58
x-served-by: cache-lga21978-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.239093,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/lazysizes.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v3/ 101 B
584 B 63ms
11ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v3/polyfill.min.js?unknown=polyfill&features=fetch,Element.prototype.closest,Element.prototype.remove,Element.prototype.classList,Array.prototype.includes,Array.prototype.fill,Object.assign,CustomEvent,IntersectionObserver,IntersectionObserverEntry,URL

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 27571
detected-user-agent: Chrome Mobile/98.0.4758
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=4, HIT, fastly;desc="Edge time";dur=1
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Mon, 14 Feb 2022 10:57:33 GMT
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/98.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 libs.min.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 176 KB
54 KB 13ms
9ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/libs.min.js?v=2617854318439446974

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

a52d5d5f122b5467fff12dc296c83336426ee8dc90be7ce1042e07f99c6c9f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.104,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 54622
x-xss-protection: 1; mode=block
x-request-id: 632f6ca8d11c19ef0ed056a6a749d48e
x-served-by: cache-lga21949-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.240326,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/libs.min.js>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 theme.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 137 KB
26 KB 16ms
12ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/theme.js?v=14183162156517572996

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

112e75f1a121a4588acb907b2314aa4575b789337434c1c1407fa1f1c041886a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.575,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 25998
x-xss-protection: 1; mode=block
x-request-id: 720f78a246c15f8c40c31631e4d998db
x-served-by: cache-lga21970-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.240378,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/theme.js>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 87 KB
30 KB 54ms
31ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/jquery-3.6.0.min.js?v=832450138385343479

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=9.096,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 29981
x-xss-protection: 1; mode=block
x-request-id: c3ac49ff87ae6aa6eedef564d2007f74
x-served-by: cache-lga21981-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.168945,VS0,VE9
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/jquery-3.6.0.min.js>; rel="canonical"
x-cache-hits: 1, 5450

GET
H2 200 ajax-load-more-blogs.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 695 B
965 B 15ms
12ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ajax-load-more-blogs.js?v=5765207632841672033

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

2f9ed3c3ff086eb994faf0934fbc0c86cd9df348ecc8dc6728fa252096c40a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.526,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 324
x-xss-protection: 1; mode=block
x-request-id: 7f693f6f0cb05654ff764f76bab071c5
x-served-by: cache-lga21938-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.240437,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ajax-load-more-blogs.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 141 KB
53 KB 109ms
60ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-449041522

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb27d9614aaa5ce07e37e259e91cd75a782561b5432d857af14388813fc44631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53969
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 18:35:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Feb 2022 19:07:34 GMT

GET
H2 200 boost-pfs-instant-search.css
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 58 KB
6 KB 45ms
23ms Stylesheet
text/css 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-instant-search.css?v=15799688718595142726

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

37fd7902ea2d2588fc80767747e952dc7235f4eea404a2dad3136b777ad596d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.732,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 5183
x-xss-protection: 1; mode=block
x-request-id: b8e90079269316811f4e648cb3b04ff2
x-served-by: cache-lga21959-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.168858,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-instant-search.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-otp.css
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 60 KB
7 KB 44ms
22ms Stylesheet
text/css 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-otp.css?v=11012586630355340413

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

e26e13a3d74da0afe57351974071fc8509352a7469cb84acebb7f7858395be55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.589,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 7262
x-xss-protection: 1; mode=block
x-request-id: 60285d1e3d5e31a614e8586573ec421c
x-served-by: cache-lga21949-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.168920,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-otp.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-custom.css
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 6 KB
2 KB 34ms
12ms Stylesheet
text/css 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-custom.css?v=7463141898815332892

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

fb34a2f9f9c25d6e15877c1d745fc5691e284a59d5841ced1908a8268959dc7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.255,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 1268
x-xss-protection: 1; mode=block
x-request-id: d85ca49888c69586fc431d882f0423da
x-served-by: cache-lga21921-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.169020,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-custom.css>; rel="canonical"
x-cache-hits: 1, 5687

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 99 KB
38 KB 87ms
38ms Script
application/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NS2JD28

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5384271e5ed4375dcb1fd6525df38767641f1d91d023a848902b6d453b9c734c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38451
x-xss-protection: 0
expires: Mon, 14 Feb 2022 19:07:34 GMT

GET
H2 200 weglot.min.js Show response
cdn.weglot.com/ 70 KB
25 KB 73ms
19ms Script
application/javascript 2600:9000:210b:a400:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.js
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:a400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b0eb1e1eb5a6386b2484eb7c4b741d89c6335e672c0d838e2e06e1179814685

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:38:35 GMT
server: AmazonS3
age: 1624
etag: W/"237805475e5ae28123ead771ff8dddeb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront)
cache-control: max-age=1800
date: Mon, 14 Feb 2022 18:40:30 GMT
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: C-ikS2xc1G8hCvtd9NFIbXW1FakM27WCqKXzlsAaYjOOBM26ugEgNg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 89ms
40ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5H57LC

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef92c437b5ee2f02a2e1addd062a60739cc7a4d451d6cccfd764440391218ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29543
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 18:35:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Feb 2022 19:07:34 GMT

GET
H2 200 locator.png
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 2 KB
2 KB 18ms
14ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/locator.png?v=14216756257361213364

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

95d9727f5e12897e78fabeceac3629bde126649b07bc3ebb38191eaf40044914

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.473,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1826
x-xss-protection: 1; mode=block
x-request-id: 99bb72bfb54d160a2a224abe3a416043
x-served-by: cache-lga21925-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.241381,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/locator.png>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 search_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 1004 B
1 KB 18ms
15ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/search_small.png?v=5183730473030594921

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

83e5e3bbfe16160efd0b73627d1de0eb0b50e5373644f4594043a8cf6eb2b6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.678,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1004
x-xss-protection: 1; mode=block
x-request-id: a0c6001f1dab3f4941647e02221f8bd2
x-served-by: cache-lga21956-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.241415,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/search_small.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Baffin_logo_DIGITAL-standard_2e3ff654-4138-494d-b220-3b03c14d8fba_175x.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 3 KB
3 KB 18ms
15ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Baffin_logo_DIGITAL-standard_2e3ff654-4138-494d-b220-3b03c14d8fba_175x.png?v=1627946108

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

967fb3ebdd2817f6cdfe38a226909dae65b05164563e4f92d57e8cb9330c81f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.571,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 3194
x-xss-protection: 1; mode=block
x-request-id: 3c6ef4e82315d25d230da24b406e7537
x-served-by: cache-lga21945-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.241476,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Baffin_logo_DIGITAL-standard_2e3ff654-4138-494d-b220-3b03c14d8fba_175x.png>; rel="canonical"
x-cache-hits: 4, 1

GET
H2 200 account_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 1002 B
1 KB 22ms
19ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/account_small.png?v=6601223193476409940

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

ce832ec8cd46f7bec9f6212e9119cbfc4d3083f164486548691e3048dc713d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.895,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1002
x-xss-protection: 1; mode=block
x-request-id: 265c0177aa9565d2d368ba97e783804f
x-served-by: cache-lga21936-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.241517,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/account_small.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 cart_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 2 KB
2 KB 21ms
18ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/cart_small.png?v=14306704750304735967

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

313cb2ff8ec23234c2b07e190367c8f6a0aa76925c2fe02549cd8323f1807777

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.727,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2102
x-xss-protection: 1; mode=block
x-request-id: 491cae08fc95d7216c4125a122b7d191
x-served-by: cache-lga21980-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.241620,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/cart_small.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 hotjar-2233895.js Show response
static.hotjar.com/c/ 4 KB
2 KB 62ms
20ms Script
application/javascript 99.84.42.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2233895.js?sv=6

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.42.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-42-7.ewr52.r.cloudfront.net

Software

Resource Hash

cd5be6c41f675ee8cc1328a957a702ad5e4ae22df574a125b3596e4554b9abdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 44
etag: W/bf95d51563f0752c16151ebff752bc32
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: VtW7Pd-eCKPQ159kufcd-CA5AY4xseP2I_5XMKFRDhQ-VO2UbVyXOA==
via: 1.1 0d9932dd4d2694056e54537f60730ff4.cloudfront.net (CloudFront)

GET
H2 200 widget.js Show response
staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/ 447 KB
121 KB 75ms
33ms Script
text/javascript 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/widget.js

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

020bb0470a7ef84b368f7ecd92463631539f32588602933804a757301d7dcecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=13
vary: Accept-Encoding
content-length: 122694
x-xss-protection: 1; mode=block
x-request-id: ab64eae6c04a42a0f613d0fe3703a4b9
x-runtime: 1.225710
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"c07fab1c0fa3fff7a586e1fe33aa1bf5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5191
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 6d9783fe61d64404b49f9c4e4672812e3.json Show response
cdn.weglot.com/projects-settings/ 1 KB
1023 B 268ms
232ms Fetch
application/json 2600:9000:210b:a400:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/projects-settings/6d9783fe61d64404b49f9c4e4672812e3.json
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:a400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6cea08b71569bba46d40211345418688a74d6b29cd9582ca7678cb40d8e9115

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
last-modified: Fri, 04 Feb 2022 10:01:03 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
etag: W/"3d96178ba5ffe2fcab387db242eb8b38"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-type: application/json
x-amz-cf-id: 6Yy2GGR88YFWy3YuKROP40lvmOGwMudxoMwc73iP-yJ9WrQTwh_uTg==
via: 1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)

GET
H2 200 trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js Show response
cdn.shopify.com/s/ 77 KB
16 KB 16ms
14ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

e368e55a7cfb23084f46da05742a25a68df2de08001cf191a05e3619da0f5b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.156,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 16056
x-xss-protection: 1; mode=block
x-request-id: 96c2c95b51ac40b881a41a602fbbe0ff
x-served-by: cache-lga21941-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.241638,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js>; rel="canonical"
x-cache-hits: 1, 1510088

GET
H2 200 shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
3 KB 18ms
16ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.153,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2560
x-xss-protection: 1; mode=block
x-request-id: 158c69eadb478c014c9d2720ba63b9ac
x-served-by: cache-lga21958-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.242105,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js>; rel="canonical"
x-cache-hits: 1, 630211

GET
H2 200 VectoraLH-Roman.otf
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 24 KB
14 KB 14ms
10ms Font
font/otf 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/VectoraLH-Roman.otf?v=3655370210396924157

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

04c7487aba93fb07228bf34a6bb40b17e6af35b127ecd4785dfa63534d6dd377

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.139,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 13184
x-xss-protection: 1; mode=block
x-request-id: 105c2edf16903d5b8d7839d8f36811f9
x-served-by: cache-lga21949-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865654.264057,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/VectoraLH-Roman.otf>; rel="canonical"
x-cache-hits: 1, 1654

GET
H2 200 VectoraLH-Black.otf
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 25 KB
14 KB 15ms
14ms Font
font/otf 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/VectoraLH-Black.otf?v=4785735626266198695

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

2fc5d6e8b9052ee82d5d18bf2da2edda2301f82263b025b685b9e1d14004fda6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.201,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 13430
x-xss-protection: 1; mode=block
x-request-id: af0241be6d2a9f27d20ea64ca2b81b25
x-served-by: cache-lga21959-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865654.264485,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/VectoraLH-Black.otf>; rel="canonical"
x-cache-hits: 1, 4

GET
H2 200 IMG_7432_2_1x1.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 700 B
1 KB 11ms
11ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/IMG_7432_2_1x1.jpg?v=1628077279

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

d332d9092e4296a20357dfc28e865341520cba2f31a935aa78e7314228d17f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.727,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 700
x-xss-protection: 1; mode=block
x-request-id: b19a27de7163ba0b99f0ebaab72a6b9e
x-served-by: cache-lga13621-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.306930,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/IMG_7432_2_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 DSC_0083_1_1x1.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 698 B
969 B 11ms
11ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/DSC_0083_1_1x1.jpg?v=1627901119

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

dcca9dfc9b6ffa1c5278272e2ca4c8cf668149f9ebc688ac258bee17535564c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.541,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 698
x-xss-protection: 1; mode=block
x-request-id: fdb5402c683267c00096adaa81601ce9
x-served-by: cache-lga21966-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.308609,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/DSC_0083_1_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 shutterstock_91547348_1_1x1.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 694 B
954 B 11ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/shutterstock_91547348_1_1x1.jpg?v=1627901120

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

befbb79721060a9b705a165feb7a728d977a0dd770e6c6b03b4868d6fe17ee10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.451,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 694
x-xss-protection: 1; mode=block
x-request-id: 2a7f2bed2623a26e0972e8e3f529e93e
x-served-by: cache-lga21958-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.308625,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/shutterstock_91547348_1_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
93 B 150ms
107ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: da340509-4903-434c-baf4-dff7a82fe9e9
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd894843b0dcab8-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
636 B 133ms
91ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: b2e10254-83b5-4b4b-8c22-762ce24fe9f2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd894843b0fcab8-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
71 B 152ms
114ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 22ae3633-8226-4f0a-9d2d-1052428d3b85
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd894843b0ecab8-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 modules.855de5fca5328f4d913a.js Show response
script.hotjar.com/ 235 KB
62 KB 58ms
20ms Script
application/javascript 143.204.143.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.855de5fca5328f4d913a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2233895.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.143.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-143-85.ewr52.r.cloudfront.net

Software

Resource Hash

23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352048
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 62578
access-control-allow-origin: *
last-modified: Thu, 10 Feb 2022 17:19:42 GMT
etag: "6f96b4466f1ad2a1f9575d6ac84a137f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 31b4da0406d8b733add8a3131335a500.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UIVXuW5PGAFSSKnKTs08lWAAB9WCxhp-PxzsChyDZeMb4y9-jVqwZg==

GET
H2 200 widget.css
staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/ 483 KB
49 KB 30ms
29ms Stylesheet
text/css 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/widget.css?widget_version=2022-01-23_10-47-18

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

138b720b78d7acce64642afc2cee63d21a4ef9e98ab41924d921ccf38d4e0b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=7
vary: Accept-Encoding
content-length: 49993
x-xss-protection: 1; mode=block
x-request-id: f10a449999d4aa12530127a518eeeff9
x-runtime: 0.095930
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"b084e622c9d6377e8b853822a9172a6e"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=8088
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 55ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: sb9AJDP721etS4aMjTCRXlJDJQeB4zQ83dg5PuVaoGA3IC5AzUBaQYy1tBPHZpTAuXIegKFWMnPG+1NfDztBHg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 14 Feb 2022 19:07:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2598
date: Mon, 14 Feb 2022 18:24:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Feb 2022 20:24:16 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 125ms
50ms Script
application/javascript 2600:141b:5000:38b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:38b::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
17 KB 11ms
10ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

2b40e69b4b5c337e07359025eb264e9125b5228ed972eb8f0f95785a520af271

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.143,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 17404
x-xss-protection: 1; mode=block
x-request-id: c72165d4575c14ced82bcdea11d28f6f
x-served-by: cache-lga21929-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865654.479392,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 3, 1622336

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
73 B 82ms
81ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 68d8f827-8d55-476a-9297-495f4acb3f2c
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd894848b68cab8-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
72 B 85ms
84ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 9fa426f7-c4ea-4247-b921-a4884a84675b
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd894849b6dcab8-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
72 B 66ms
65ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: f436c81d-4c50-4968-a06e-89b3913042a4
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd894849b6fcab8-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 107ms
56ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-449041522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 16747055602125368176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 19:07:34 GMT

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
71 B 127ms
127ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6a93d7d0eebeebb777036b0098935be9cb2b573b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: a2c813ff-f70d-41f3-bcc9-83c564c8e492
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd89484cbafcab8-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 fs.slider.v2.5.js Show response
foursixty.com/media/scripts/ 94 KB
27 KB 61ms
19ms Script
application/javascript 157.230.5.204
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://foursixty.com/media/scripts/fs.slider.v2.5.js
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.5.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 195ab3349e3b4ff5e92b3c1293b958c93f089746749c40e7fa4b242758f352ac

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 16:15:19 GMT
server: nginx/1.18.0 (Ubuntu)
age: 5206
etag: "61b8c317-176b3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=86400
x-varnish: 450339884 427860981
x-host: main_server
accept-ranges: bytes
content-length: 27490
expires: Tue, 15 Feb 2022 19:07:34 GMT

GET
H2 200 Free-And-Easy-Shipping_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 2 KB
3 KB 14ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Free-And-Easy-Shipping_small.png?v=1627901119

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

b182ee0c60a8eaecc4157e75a69c48d4cd7dbc64487515b17afd8e7f32a161df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: MISS, HIT
server-timing: cdn;dur=0.609,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2280
x-xss-protection: 1; mode=block
x-request-id: c3a1301827d8eac527b7b4fa3a38750b
x-served-by: cache-lga21962-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.528091,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Free-And-Easy-Shipping_small.png>; rel="canonical"
x-cache-hits: 0, 1

GET
H2 200 sezzle_c7dc2e9a-aa80-44b3-966c-18743f58c065_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 2 KB
2 KB 15ms
14ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/sezzle_c7dc2e9a-aa80-44b3-966c-18743f58c065_small.png?v=1627901120

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

33162dc76f897fc11f1a4eb41c3dd719b39d5ac53be642c86159ec7b71499dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.547,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2148
x-xss-protection: 1; mode=block
x-request-id: b44dd4f6e88557844d1874889c90976e
x-served-by: cache-lga21977-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.529993,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/sezzle_c7dc2e9a-aa80-44b3-966c-18743f58c065_small.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 born-in-the-north_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 1 KB
2 KB 16ms
15ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/born-in-the-north_small.png?v=1627900992

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

157b620f9372c86b6327cca52b54f2f56d9b3e42e6528c548036319a808c58a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.607,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 1518
x-xss-protection: 1; mode=block
x-request-id: 539f5b6fcd5081a81364003f9b2c7efc
x-served-by: cache-lga13620-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.530055,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/born-in-the-north_small.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 customer-support_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 2 KB
2 KB 14ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/customer-support_small.png?v=1627901119

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

9df3bc4914ec1b70533b0af9a95d818ae1393e9840cbf9bf4c8f683a78cf55a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.152,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 1958
x-xss-protection: 1; mode=block
x-request-id: 1bdf8c6b568f852ad2430cecd9b6518e
x-served-by: cache-lga21982-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.530089,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/customer-support_small.png>; rel="canonical"
x-cache-hits: 1, 3

GET
H2 200 boost-pfs-core-instant-search.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 281 KB
81 KB 17ms
16ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-core-instant-search.js?v=5462372074343917788

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

408f3188e08fb2c41e58f46e4fb4d51bd38279e8ac45713287a134c6f6924ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.391,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 82475
x-xss-protection: 1; mode=block
x-request-id: dedde148e52f52e028aa2a6c2137d4ed
x-served-by: cache-lga21932-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.573038,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-core-instant-search.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-instant-search.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 4 KB
2 KB 14ms
13ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-instant-search.js?v=5067916094858202407

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

4a638d156316520f451401eedc096ded5c07357323ede53890cdc55fd75d18d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: MISS, HIT
server-timing: cdn;dur=0.309,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 1311
x-xss-protection: 1; mode=block
x-request-id: f28c3876667431b6a4f55b81052f4d1b
x-served-by: cache-lga21969-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.573111,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-instant-search.js>; rel="canonical"
x-cache-hits: 0, 1127

GET
H2 200 boost-pfs-otp.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 226 KB
68 KB 13ms
12ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-otp.js?v=17050804104675304022

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

a16b7fda826d880da371cdb3cc7902440a2ced7264a2dad86588f1280e288474

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: MISS, HIT
server-timing: cdn;dur=0.117,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 68823
x-xss-protection: 1; mode=block
x-request-id: 5002da4d4f7d98a00f7a0bcb06d585a7
x-served-by: cache-lga21951-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.573394,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-otp.js>; rel="canonical"
x-cache-hits: 0, 2

GET
H2 200 boost-pfs-init.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 441 B
522 B 20ms
19ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-init.js?v=18321486475260673524

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

77c61a8bbdb6f41f20d79eaad09e1d0deca1c2b40b4c3801ebc6605a1641c388

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.572,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 214
x-xss-protection: 1; mode=block
x-request-id: 7a8bbbb6965d389d1aae3f528f1d7339
x-served-by: cache-lga21952-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.573951,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/boost-pfs-init.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 114ms
58ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

130f5bd079da4ccffb6b73d64ea8aa402dcf1370bb24572c8a4084db6de27f98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-veSrOPE6RNek2B2tMxmyGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "394b7d0314fc323cccf5714d62aa0586"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-veSrOPE6RNek2B2tMxmyGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 14 Feb 2022 19:07:34 GMT

GET
H2 200 gorgias-chat-bundle-loader.js Show response
config.gorgias.chat/ 2 KB
1 KB 94ms
51ms Script
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=7579

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08268b6ccedeade7f332007558badbc4ff90495d808478220d8c15648fc734aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8aa-Cx203UEemLpLoqRLP1fcyZ0DZqA"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, s-maxage=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 6dd894855d32ecf2-YUL

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
214 B 14ms
11ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2CIntersectionObserverEntry%2CMutationObserver

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 27532
detected-user-agent: Chrome/98.0.4758
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2, HIT, fastly;desc="Edge time";dur=1
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Sun, 13 Feb 2022 20:06:40 GMT
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/98.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 865157360716506 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 81ms
75ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/865157360716506?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

604bf86b7df8291437ab884ff5a7f4bed2df4d35a55f17d17a9b1b536c284023

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 35nSD+qhKKc7EAhKxXsV7xTfE7QKsikglpm6y7Q19Oy1fv8Gaksx1g6KpD2y1TrAidA8E6NzYbQb9LOFqcmxdA==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 14 Feb 2022 19:07:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 weglot.min.css
cdn.weglot.com/ 28 KB
5 KB 18ms
18ms Stylesheet
text/css 2600:9000:210b:a400:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.css?v=4
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:a400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b4fd0e91f1e3e3c84db3110561ea8d11cd01d7bc7b8a4accfe219b28107d4ec

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:51:37 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:40:58 GMT
server: AmazonS3
age: 360958
etag: W/"3a3117ea3025d0f6ea1200c3b9dee1a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: EWR53-C3
content-type: text/css; charset=utf-8
x-amz-cf-id: eVM8P01hpVm5Xv_Sbb65qYbymyDIoU88i0h_csrJMBWnmw0qvBmeKA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 123ms
51ms XHR
text/plain 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11022914-1&cid=327426156.1644865655&jid=1890351500&gjid=744640125&_gid=1450588621.1644865655&_u=YGBAgEABBAAAAE~&z=295346331

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Feb 2022 19:07:34 GMT
content-type: text/plain
access-control-allow-origin: https://baf-fin.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 46ms
20ms Image
image/gif 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1645158479&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baffin.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABB~&jid=1890351500&gjid=744640125&cid=327426156.1644865655&tid=UA-11022914-1&_gid=1450588621.1644865655&did=BwiEti&z=224463033

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 14:12:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17687
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 82ms
34ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/widget.css?widget_version=2022-01-23_10-47-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 17:13:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 19:07:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 19:07:34 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 56ms
54ms Script
application/javascript 2600:141b:5000:38b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:5000:38b::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/449041522/ 2 KB
2 KB 98ms
48ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/449041522/?random=1644865654682&cv=9&fst=1644865654682&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbaf-fin.xyz%2F&tiba=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75ee7ca84ce24f69092fe4b1ccc81a08178c82e8ee3f63f76363ae30b6b89130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 homepage-collection-insulated-slippers_1x1.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 696 B
983 B 12ms
11ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/homepage-collection-insulated-slippers_1x1.jpg?v=1635868738

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

42219e1bf51e16f19e45c986e0de08cb4422a02c603bb2d82f8e3147464f00e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: MISS, HIT
server-timing: cdn;dur=1.419,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 696
x-xss-protection: 1; mode=block
x-request-id: 8ab3bb24c0e36440c8a6bb62eb458e25
x-served-by: cache-lga13627-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.712270,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/homepage-collection-insulated-slippers_1x1.jpg>; rel="canonical"
x-cache-hits: 0, 1

GET
H2 200 homepage-collection-new-arrivals_8fa368e8-cdf3-4e91-a3cb-58b627b170be_1x1.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 696 B
1 KB 12ms
11ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/homepage-collection-new-arrivals_8fa368e8-cdf3-4e91-a3cb-58b627b170be_1x1.jpg?v=1635869394

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

3b9471c35b5861991d92b27473eb67d8cf6445771da3fca9de9dd45a56b39616

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.194,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 696
x-xss-protection: 1; mode=block
x-request-id: 10294f8ab9d35ccbc78db13e80f2b5c3
x-served-by: cache-lga21980-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.712500,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/homepage-collection-new-arrivals_8fa368e8-cdf3-4e91-a3cb-58b627b170be_1x1.jpg>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 real-world-tested-banner_1x1.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 704 B
978 B 13ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/real-world-tested-banner_1x1.jpg?v=1627901120

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

b0ceb1922a3bc10db2e283a3c9e1a73b7faef3573e8f4ad5b8305945497c692e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.903,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 704
x-xss-protection: 1; mode=block
x-request-id: ce6e6edbaf32f5a38e22740274493c3a
x-served-by: cache-lga21938-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.712799,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/real-world-tested-banner_1x1.jpg>; rel="canonical"
x-cache-hits: 6, 1

GET
H2 200 Industry-Black.ttf
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 15 KB
16 KB 14ms
13ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/Industry-Black.ttf?v=2223972523460959084

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

7744fa5a61105092623c3b2578faaedeb84b9b2f01efa8d4b74a253de4220e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.601,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 15840
x-xss-protection: 1; mode=block
x-request-id: 477398d146e95be26fa617c89c6f4626
x-served-by: cache-lga21947-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865655.715776,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/Industry-Black.ttf>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 VectoraLH-Light.otf
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 24 KB
13 KB 13ms
12ms Font
font/otf 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/VectoraLH-Light.otf?v=10590111972286145436

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

beae85300a9f6d0a6e1f458457efb8813efd9dca56c9306bbd97cc76e710b1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: MISS, HIT
server-timing: cdn;dur=0.105,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 13161
x-xss-protection: 1; mode=block
x-request-id: 67f317a181439fbc84e2d9f10e51999b
x-served-by: cache-lga13623-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865655.715860,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/VectoraLH-Light.otf>; rel="canonical"
x-cache-hits: 0, 382

GET
H2 200 Industry-Bold.ttf
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 15 KB
15 KB 14ms
14ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/Industry-Bold.ttf?v=16764265105896436880

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

e45e149fd6a7bd34c679e5548ce7f20dcc4bee985dbedcb86ae1e702b3fa256c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=2.419,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 15364
x-xss-protection: 1; mode=block
x-request-id: cce37d232400d7bb4e23cfe58844d8c5
x-served-by: cache-lga21959-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865655.715920,VS0,VE2
date: Mon, 14 Feb 2022 19:07:34 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/Industry-Bold.ttf>; rel="canonical"
x-cache-hits: 1, 398

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 80ms
18ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 303
Date: Mon, 14 Feb 2022 19:07:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=51162
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 76ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:34 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9631A00CF5CD44BB99F96C37CE94BEEA Ref B: YTO01EDGE0820 Ref C: 2022-02-14T19:07:34Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 session Show response
shop.app/pay/ 18 B
996 B 176ms
127ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,us-east1
p3p: CP="Not used"
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9f880aa8-ba23-41c9-bec9-9a530b7fca25
x-runtime: 0.004500
x-robots-tag: noindex
server: cloudflare
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6dd894879b8d54bb-YYZ
x-sorting-hat-podid: -1
access-control-expose-headers

GET
H2 200 Black_64x64.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 712 B
985 B 10ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Black_64x64.png?v=1628072686

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

6cca7453db08a992664ebb0dbbd9f5ac3e20ba7c890bf4c8dc5a5658658fbaee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: MISS, HIT
server-timing: cdn;dur=0.129,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 712
x-xss-protection: 1; mode=block
x-request-id: e766c3e4df0d83eff609caba1c83cb4d
x-served-by: cache-lga21927-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.956689,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Black_64x64.png>; rel="canonical"
x-cache-hits: 0, 2

GET
H2 200 Worn-Brown_64x64.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 760 B
1 KB 11ms
11ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Worn-Brown_64x64.png?v=1628072686

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

6c7fa5b6ae7c590d05c789896930afb4fc271b016fa41fe7c5767dae345b4012

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.101,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 760
x-xss-protection: 1; mode=block
x-request-id: e3ffc3880139a53026223501399ef6fe
x-served-by: cache-lga21932-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.956745,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Worn-Brown_64x64.png>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 Snow-Camo_64x64.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 3 KB
3 KB 11ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Snow-Camo_64x64.png?v=1627901120

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

2db5c98b6fc37b97c134df2495f99f20d197b816bb25a47b33785e2aff7b6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.643,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2980
x-xss-protection: 1; mode=block
x-request-id: b126ed25017e5006942faf85a350c3dc
x-served-by: cache-lga21969-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.957490,VS0,VE1
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Snow-Camo_64x64.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Brown_64x64.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 722 B
987 B 10ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Brown_64x64.png?v=1628072686

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

eefb4824a6a649894cdc8aab9c0f06e68622f6a7da7ce1a7386d18e5d52225d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.107,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 722
x-xss-protection: 1; mode=block
x-request-id: d54cdf7069e7fdb2c2d6a9dee96765c5
x-served-by: cache-lga21942-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.958650,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Brown_64x64.png>; rel="canonical"
x-cache-hits: 1, 871

GET
H2 200 Charcoal_64x64.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 740 B
1 KB 11ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Charcoal_64x64.png?v=1628072686

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

3a8ef5cd96abf3435e49f1fd209fa4241319af732ed0dd9e5eb50d37443b71db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: MISS, HIT
server-timing: cdn;dur=0.476,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 740
x-xss-protection: 1; mode=block
x-request-id: a11872189bb5ef5f6f0c3b5980f8bf47
x-served-by: cache-lga21932-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.958703,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Charcoal_64x64.png>; rel="canonical"
x-cache-hits: 0, 1

GET
H2 200 Black-Bark_64x64.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 950 B
1 KB 10ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Black-Bark_64x64.png?v=1628072686

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

561e81b99a620a3eff989cda9a29cda28c85c8ce32db25afd66ef6cc7a3593f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.092,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 950
x-xss-protection: 1; mode=block
x-request-id: aab4c84de67c17ccce992e8bb9220d25
x-served-by: cache-lga21932-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.959253,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Black-Bark_64x64.png>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 Red_64x64.png
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 776 B
1019 B 10ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Red_64x64.png?v=1628072686

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

b34a12773229883197897da7c2be2c0b63487a95cf3a03cdbb4981b63e139441

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.087,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 776
x-xss-protection: 1; mode=block
x-request-id: e6c7dc36914307af43edd6ec264d61e3
x-served-by: cache-lga21975-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.959910,VS0,VE0
date: Mon, 14 Feb 2022 19:07:34 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Red_64x64.png>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 94ms
47ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/theme.js?v=14183162156517572996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8f66b4bcc5e8d3e51de1971d5860966de604f411416bd5338fbecb882dfed7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Mon, 14 Feb 2022 19:07:35 GMT

GET
H2 200 slider_v2_5.css
foursixty.com/media/styles/embed/ 41 KB
11 KB 18ms
18ms Stylesheet
text/css 157.230.5.204
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://foursixty.com/media/styles/embed/slider_v2_5.css
Requested by: Host: foursixty.com
URL: https://foursixty.com/media/scripts/fs.slider.v2.5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.5.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 17a2d7758897d062bc5614cc9944686eaafb245da487d185c6922b6fff11ce18

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 19:21:36 GMT
server: nginx/1.18.0 (Ubuntu)
age: 5206
etag: "61803e40-a4eb"
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish (Varnish/6.2)
cache-control: max-age=86400
x-varnish: 445367136 438043645
x-host: main_server
accept-ranges: bytes
content-length: 10818
expires: Tue, 15 Feb 2022 19:07:35 GMT

GET
H2 200 / Show response
foursixty.com/api/v2/baffin/timeline/ 31 KB
31 KB 53ms
18ms XHR
application/json 157.230.5.204
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://foursixty.com/api/v2/baffin/timeline/?pagination_type=cursor&page_size=25&format=json&page=1&use_stored_image_url=true
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.230.5.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2f6cd7d0499f784da380b79d5bbbf64195ea4b6f72a2337c3a5fc9695f37651a

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
via: 1.1 varnish (Varnish/6.2)
vary: Authorization, Cookie
server: nginx/1.18.0 (Ubuntu)
age: 332
allow: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age = 7200.000
x-varnish: 448957045 450004637
x-host: slave_foxtrot
accept-ranges: bytes
content-length: 31471

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722499043379/widget/ 967 B
845 B 45ms
44ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722499043379/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

fba079cff17d075bd7d9c8ae26cddafc2205f462a9d9ad86e71e3c35c227a4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=24
vary: Accept-Encoding
content-length: 356
x-xss-protection: 1; mode=block
x-request-id: 0824be1961e2bd6b7b968047bd3513ff
x-runtime: 0.009580
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"b4a255c29c1f07aa50bff83f0e518d8c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=7593
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722500452403/widget/ 965 B
843 B 52ms
52ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722500452403/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

d55e290b52b1a2b8fa19a62a3f9e82c22866ebe9f183891a874ccbb6ec6ba686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=30
vary: Accept-Encoding
content-length: 354
x-xss-protection: 1; mode=block
x-request-id: 18b88ab357924d00dd925cb9dcaceffb
x-runtime: 0.014545
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"98a77d33b8d7e9ad0c5e17d2166f80b5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=9029
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722500321331/widget/ 965 B
844 B 59ms
59ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722500321331/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

827b4bb042ac177be9cc9732ecfcd2d40725126883719de4e716805974f369b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=29
vary: Accept-Encoding
content-length: 355
x-xss-protection: 1; mode=block
x-request-id: 28fb459c6778ccfa75ad514b75fbfb26
x-runtime: 0.007295
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"4e916919218745399f5a6c9a74e9396e"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=7659
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722499731507/widget/ 970 B
847 B 65ms
65ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722499731507/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

9fc71f4f05e4c9a5c5744d682e2aa233dbb3253d0f6fb85863dbc70906f73682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=33
vary: Accept-Encoding
content-length: 358
x-xss-protection: 1; mode=block
x-request-id: e72dcdd064ca8f775a4f587d5ad1d997
x-runtime: 0.010510
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"0d9d605844482458800d3babed2c51b9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=9478
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722500485171/widget/ 965 B
844 B 73ms
73ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722500485171/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

7862f28a26d445f959e4a5da4097e4380e4d598f6af2ef42b4ec3cdd9dbe313c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=34
vary: Accept-Encoding
content-length: 355
x-xss-protection: 1; mode=block
x-request-id: 930b3584bb3d641a20d47c2db46102fc
x-runtime: 0.007797
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"7ad1199b1de8241677332143f5eacc5c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=6340
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722500026419/widget/ 965 B
868 B 115ms
115ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722500026419/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

b2af9ae40032f58e305dc1b1a7760f0934ef20ab73bd72d273e81cb71f11d509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=38, origin; dur=29
vary: Accept-Encoding
content-length: 355
x-xss-protection: 1; mode=block
x-request-id: ecd844d0604e9ce1c649cec79e234ea3
x-runtime: 0.012621
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"46f0c196c13e96c4ec821780b68a7e4b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722498912307/widget/ 965 B
844 B 88ms
87ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722498912307/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

030578fff2154d635c82844397fe011273165230d9b1b793c2e325a956a4cdc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=31
vary: Accept-Encoding
content-length: 355
x-xss-protection: 1; mode=block
x-request-id: 9fe6f04342d2b3b11f580db670a762a6
x-runtime: 0.006746
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"fc190e87d97dc6bd28087583c35bde6b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=5654
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722499108915/widget/ 965 B
838 B 95ms
95ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/722499108915/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

0b87cea495beb763c79752a8484f3e7dde898787d989701e8d24b48c7a6c3619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=35
vary: Accept-Encoding
content-length: 350
x-xss-protection: 1; mode=block
x-request-id: a92d152a558815143a3f9c7edffe9fbb
x-runtime: 0.008605
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"eaea2c271a564981181c498801ed759c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=9251
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724148387891/widget/ 972 B
849 B 103ms
103ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724148387891/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

c5c638b10c271f8169a0a9bd220a4b8fd2094011d7978763f833d8a0eba77c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=36
vary: Accept-Encoding
content-length: 360
x-xss-protection: 1; mode=block
x-request-id: 5305e8cbe1d8b9631031ff1961b966d2
x-runtime: 0.011866
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"c2f6113402734bcc6b1e4b882b4bafcc"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=9332
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/718794063923/widget/ 965 B
844 B 110ms
110ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/718794063923/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

93866e3ae9f7f797a906796c3ac29471e2166441a58e63133accbc6a862fa41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=32
vary: Accept-Encoding
content-length: 355
x-xss-protection: 1; mode=block
x-request-id: 16f223d1a8d9c360e6d4f9d03ffc2fac
x-runtime: 0.011446
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"3c78dc062bff0e260ff5eaf3fa71c878"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=8776
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724148322355/widget/ 965 B
844 B 118ms
118ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724148322355/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

ce1ecdb52b0df6bd1583e19fdb05f2a3e85d418b80e83985258c84660df0eeb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=32
vary: Accept-Encoding
content-length: 355
x-xss-protection: 1; mode=block
x-request-id: 46ac4e87803f64a1ce531f9ce31cb4c3
x-runtime: 0.007793
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"2efd40ba286dd3419c7cbb277bb9f4d8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=8091
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724145307699/widget/ 970 B
847 B 125ms
125ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724145307699/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

4decadc38bdfac8eb96fc79cf22a665b680a1158fb91d0b4be7674a423c8b819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=32
vary: Accept-Encoding
content-length: 358
x-xss-protection: 1; mode=block
x-request-id: 686c536b114b9a88c073001d8ff331f9
x-runtime: 0.010229
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"2362f66c847dcf5c8a20fd4e4f5cff8a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=6578
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/718766374963/widget/ 970 B
845 B 130ms
130ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/718766374963/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

8105a248359b6ac6332ac4ea2bb2f849f429e5a6d26cf8305eb72c4bdc3297a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=36
vary: Accept-Encoding
content-length: 358
x-xss-protection: 1; mode=block
x-request-id: 1f180235fe5c31100cfdc81c17fa4ecb
x-runtime: 0.007131
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"21f614f00e8aa3741a30bec3aefae1ce"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=8251
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/4789984624711/widget/ 971 B
843 B 132ms
131ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/4789984624711/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

da11d966a80d6fa2c82e93ab46f32b493b36b8bd5c8305cb19badc3717db82c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=29
vary: Accept-Encoding
content-length: 354
x-xss-protection: 1; mode=block
x-request-id: 03e2e0634f9c81f39749d97a756e0814
x-runtime: 0.007819
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"aa3ad53af3dab499be348141ed783e26"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=6277
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724145963059/widget/ 970 B
848 B 134ms
134ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724145963059/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

ffe82d69c0690ae323ec4cee4345d74a92a48a38373b0714ad48465dc10b7530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=22
vary: Accept-Encoding
content-length: 359
x-xss-protection: 1; mode=block
x-request-id: ddaad6bef1b56014ae4188c96ab713ab
x-runtime: 0.025934
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"b5e68f551eba8995078056efc9bf8402"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=5219
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 bottomline Show response
staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724145668147/widget/ 965 B
843 B 135ms
134ms XHR
application/json 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/batch/app_key/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/domain_key/724145668147/widget/bottomline

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

9b381d40ec3a52c1966307a36a813badd673ca72069b00307211491778b1f563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=15
vary: Accept-Encoding
content-length: 355
x-xss-protection: 1; mode=block
x-request-id: c32a6304fae0a02e9745199419cd450e
x-runtime: 0.020336
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"8210f97644756b429f27a834d79ecdb2"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
cache-control: public, max-age=5203
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 i
p.yotpo.com/ 35 B
279 B 77ms
24ms Image
image/gif 54.158.135.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&se_va=WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr&cx=eyJwdl91dWlkIjo5MzczODA4OTd9&dtm=1644865655184&tid=543732&vp=1600x1200&ds=1600x4362&vid=1&duid=f2ed887f9263da24&p=web&tv=js-0.13.2&fp=839606422&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fbaf-fin.xyz%2F
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.135.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-135-134.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
cache-control: max-age=86400, private
server: nginx
content-type: image/gif
content-length: 35
expires: Tue, 15 Feb 2022 19:07:35 GMT

POST
H3 404 update.js Show response
baf-fin.xyz/cart/ 371 B
799 B 222ms
197ms Fetch
text/html 2606:4700:3037::6815:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baf-fin.xyz/cart/update.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opeDs5ePMs%2Bps8X3Cw54Oh8MlekE5QKO0Rb67n9pBJa3%2B5629WW1SoFtfpfuRNu6nqrqZJK4qKnrU8BlYfUnWabkWVjdwXtHZspKJN1fQ2f7ZwmTO2NDSBAfg9xO0QeFkU2fKfZ%2FQTtcwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 6dd894895d367133-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gorgias-chat-bundle.js Show response
config.gorgias.chat/ 374 KB
118 KB 55ms
55ms Script
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle.js?rev=0e3da756&applicationId=7579

Requested by

Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=7579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5731dc394f53ea839bb2e6c993130697fcc3b4bef2cbfe97f64303123515983c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d7db-ho54Xy6WFOrqs7Ciy6nVL7DZgwk"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
sourcemap: gorgias-chat-bundle.js.map
cf-ray: 6dd894892968ecf2-YUL

GET
H3 404 cart.js Show response
baf-fin.xyz/ 371 B
776 B 210ms
202ms Fetch
text/html 2606:4700:3037::6815:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baf-fin.xyz/cart.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAlvwAkqzklHtXXD%2FWMyfAVauQyR0hcLqd1nCdrAuLuzDWz1vhyJrgVNJFIFeSaT2aS%2F01EzhmJhcSoId013GF%2B3L9Mc93FF6SLic3BY4%2Bu85rnnn6IywKfjNbvjJkuFFNmZTfZVUDcpFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6dd894895d397133-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 winter-boots-men.jpg
cdn.shopify.com/s/files/1/0552/5245/1490/files/ 28 KB
29 KB 20ms
20ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0552/5245/1490/files/winter-boots-men.jpg?v=1624988367&width=300

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

b1e775e33b946a4c732fd4010160db6a7eb735b2c850ca81f1f82cfae1cf302d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.290,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 28576
x-xss-protection: 1; mode=block
x-request-id: 8637b65c4b794d78759a914f9950a046
x-served-by: cache-lga21970-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.284285,VS0,VE1
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0552/5245/1490/files/winter-boots-men.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 SNOWMONSTER-2632_1.png
cdn.shopify.com/s/files/1/0552/5245/1490/files/ 18 KB
19 KB 19ms
18ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0552/5245/1490/files/SNOWMONSTER-2632_1.png?v=1622839283&width=300

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

50f9e27aab388bf3dbfa571baa7739d6785e951498c3f710423197b011dfcee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.850,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 18844
x-xss-protection: 1; mode=block
x-request-id: 4041ae71d9f2fc4ff073b9c5286f7d55
x-served-by: cache-lga21951-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.284338,VS0,VE1
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0552/5245/1490/files/SNOWMONSTER-2632_1.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 BAFFIN-103_1.png
cdn.shopify.com/s/files/1/0552/5245/1490/files/ 15 KB
15 KB 18ms
18ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0552/5245/1490/files/BAFFIN-103_1.png?v=1622839283&width=300

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

03a3061e52cb69e8338b86a97f9f2eaedbe68ccc3693a9426de4b46e9d21e4da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.901,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 14954
x-xss-protection: 1; mode=block
x-request-id: 556fafa66fd18bd1b4d16b5ea0599e97
x-served-by: cache-lga21939-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.284383,VS0,VE1
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0552/5245/1490/files/BAFFIN-103_1.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 powersports.jpg
cdn.shopify.com/s/files/1/0023/0657/2339/files/ 29 KB
30 KB 18ms
17ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/files/powersports.jpg?v=1628085287&width=300

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

8220600118a0a92b0ea818a59cee45ba4cd20b4c6cdeb6298e9c5f0d5b940924

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: MISS, HIT
server-timing: cdn;dur=0.343,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 30156
x-xss-protection: 1; mode=block
x-request-id: 442a90cffe180f32db646c61518886e6
x-served-by: cache-lga21967-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865655.284633,VS0,VE0
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/files/powersports.jpg>; rel="canonical"
x-cache-hits: 0, 3034

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 92ms
45ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11022914-1&cid=327426156.1644865655&jid=1890351500&_u=YGBAgEABBAAAAE~&z=655860790

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 90ms
44ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11022914-1&cid=327426156.1644865655&jid=1890351500&_u=YGBAgEABBAAAAE~&z=655860790

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1938676423103038 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 19ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1938676423103038?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c869f041fe8d4e26a5aed7ba6a3be580c886dd9e21fc61120cf7fb1dcaa50d3a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89116
x-xss-protection: 0
pragma: public
x-fb-debug: CsG2tyWxsqw35jTgkQjmaBognKOgOUmUJugUT1bnq9ghE2tVRgJubig+Sqmz2cYW5Pc8qfIs8Rj8G3163kmiQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Feb 2022 19:07:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 60ms
17ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=865157360716506&ev=PageView&dl=https%3A%2F%2Fbaf-fin.xyz%2F&rl=&if=false&ts=1644865655299&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644865655296.153488880&it=1644865654581&coo=false&exp=p1&rqm=GET

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 14 Feb 2022 19:07:35 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ 158 KB
54 KB 53ms
23ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6360904dc8818bce553a019cc9e19944bcc49afaf762a71a3a6c7afc4fae7aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55334
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 16:25:40 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ 86 KB
29 KB 47ms
20ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_1?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a8b599724319591ece46e316c947b632b52061d364ad7340eb8e1057a27716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 02:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30132
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 02:27:56 GMT

GET
H2 404 badge Show response
www.google.com/shopping/customerreviews/ Frame E383 2 KB
1 KB 87ms
86ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=256718822&origin=https%3A%2F%2Fbaf-fin.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33a9fb671163ba9879132d6ce75871b245b98b73212030b21aaf9bd5e7723f52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CokV/kOKvAGpDQOFyeLheg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-CokV/kOKvAGpDQOFyeLheg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Feb 2022 19:07:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-CokV/kOKvAGpDQOFyeLheg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-CokV/kOKvAGpDQOFyeLheg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
cross-origin-opener-policy: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame D201 2 KB
1 KB 57ms
17ms Document
text/html 143.204.143.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2233895.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.143.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-143-67.ewr52.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: i-GsvC9I_iUyh1DdAnfPFSZTQ6cNeb67LRwVDPDQR1KlVrnKzzp_Xw==
age: 900929

GET
H2 200 / Show response
ct.pinterest.com/user/ 481 B
721 B 51ms
25ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614433087166&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1644865655383
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae74584031b2f110e0643a0481c25197f1b30124f47449ce9414919377c99a13

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://baf-fin.xyz
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPVl6QXhZVEptT0RZdFlUVXpOeTAwWXpGbUxUbGpNVFF0TlRBME9XWXlORGc1WW1GaA
x-pinterest-rid: 6728190290359706
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
content-length: 342
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 66ms
19ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:58:15 GMT
x-content-type-options: nosniff
age: 11360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 14 Feb 2023 15:58:15 GMT

GET
H2 200 yotpo-widget-font.woff
staticw2.yotpo.com/assets/ 12 KB
12 KB 61ms
22ms Font
application/font-woff 2600:1400:d:597::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://staticw2.yotpo.com/assets/yotpo-widget-font.woff?version=2022-01-23_10-47-18
Requested by: Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/widget.css?widget_version=2022-01-23_10-47-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:597::1d72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143

Request headers

Referer: https://staticw2.yotpo.com/WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr/widget.css?widget_version=2022-01-23_10-47-18
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
env: PRODUCTION
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 12288
last-modified: Sun, 23 Jan 2022 11:33:38 GMT
server: nginx/1.19.1
etag: "61ed3d12-3000"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Mon, 21 Feb 2022 19:07:35 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 30ms
29ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2614433087166&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbaf-fin.xyz%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1644865655438
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1122878151935323
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
330 B 30ms
29ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2614433087166&pd=%7B%22np%22%3A%22shopify%22%2C%22aem_eligible_list%22%3A%5B%22country%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbaf-fin.xyz%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1644865655439
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 6490764868910221
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4709b8b93da4ff986b22d71ef52db2b58ed62f149b9df382399c2e8cd1813a

Request headers

Referer
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 /
www.google.com/pagead/1p-user-list/449041522/ 42 B
64 B 87ms
57ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/449041522/?random=1644865654682&cv=9&fst=1644865200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbaf-fin.xyz%2F&tiba=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&async=1&fmt=3&is_vtc=1&random=4140954137&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/449041522/ 42 B
64 B 69ms
43ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/449041522/?random=1644865654682&cv=9&fst=1644865200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbaf-fin.xyz%2F&tiba=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&async=1&fmt=3&is_vtc=1&random=4140954137&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976554&time=1644865655569&url=https%3A%2F%2Fbaf-fin.xyz%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976554&time=1644865655569&url=https%3A%2F%2Fbaf-fin.xyz%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2976554%26time%3D1644865655569%26url%3Dhttps%253A%252F%252Fbaf-fin.xyz%252F%26coo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2976554&time=1644865655569&url=https%3A%2F%2Fbaf-fin.xyz%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2976554&time=1644865655569&url=https%3A%2F%2Fbaf-fin.xyz%2F&cookiesTest=true&liSync=true&e_ipv6=AQI7JKAPKnIN-AAAAX75ohUVc86uGW8BIHKz2uQpZAAwmM5nd...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1db556c2-03e6-44b3-b929-74925a5fa0ce
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1db556c2-03e6-44b3-b929-74925a5fa0ce&_expected_cookie=e3d7b489f2f6bbe50ed6bb43...

43 B
143 B

49ms
49ms

Image
image/gif

104.18.99.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1db556c2-03e6-44b3-b929-74925a5fa0ce&_expected_cookie=e3d7b489f2f6bbe50ed6bb43a67c4d6a
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Server: 104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dd89490ff7ef995-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=1db556c2-03e6-44b3-b929-74925a5fa0ce&_expected_cookie=e3d7b489f2f6bbe50ed6bb43a67c4d6a
date: Mon, 14 Feb 2022 19:07:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6dd89490af05f995-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

POST
H3 204 cspreport
www.google.com/_/VerifiedReviewsBadgeUi/ Frame E383 0
22 B 85ms
59ms Other
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/VerifiedReviewsBadgeUi/cspreport

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3Bii7F6tqaHvN42idDbapg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'nonce-3Bii7F6tqaHvN42idDbapg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=256718822&origin=https%3A%2F%2Fbaf-fin.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-3Bii7F6tqaHvN42idDbapg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'nonce-3Bii7F6tqaHvN42idDbapg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport, require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SNOWMONSTER_EPICM010_BK1_PRIMARY_400x.png
cdn.shopify.com/s/files/1/0023/0657/2339/products/ 35 KB
35 KB 12ms
11ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/products/SNOWMONSTER_EPICM010_BK1_PRIMARY_400x.png?v=1627524910

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

5e34c4cc8f3f825ce5d5559af638e32b4801b5623ed704ff0de1f32088ea386d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.006,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 35870
x-xss-protection: 1; mode=block
x-request-id: 5004f4c9662c0b3b7438400d0dea6f85
x-served-by: cache-lga13623-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865656.608735,VS0,VE1
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/products/SNOWMONSTER_EPICM010_BK1_PRIMARY_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 IMPACT_40000048_001_PRIMARY_1_400x.png
cdn.shopify.com/s/files/1/0023/0657/2339/products/ 25 KB
25 KB 13ms
12ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/products/IMPACT_40000048_001_PRIMARY_1_400x.png?v=1635879441

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

42bc0400c0510801725945d5b183b5386e1573688188c8253b142017fb90f4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.070,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 25284
x-xss-protection: 1; mode=block
x-request-id: f8e5842a38103215d9fce210d9d44335
x-served-by: cache-lga21943-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865656.609063,VS0,VE1
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/products/IMPACT_40000048_001_PRIMARY_1_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 EIGER_4000M001_BK1_PRIMARY_400x.png
cdn.shopify.com/s/files/1/0023/0657/2339/products/ 30 KB
30 KB 11ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/products/EIGER_4000M001_BK1_PRIMARY_400x.png?v=1627526838

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

414805507fcc2b56bf089e3c18d04eef755c8bcd3ab967bdc3a8d01b734a1a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: MISS, HIT
server-timing: cdn;dur=0.177,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 30288
x-xss-protection: 1; mode=block
x-request-id: c274d4d326dd88eebbdca6300574cc5c
x-served-by: cache-lga21927-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865656.609165,VS0,VE0
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/products/EIGER_4000M001_BK1_PRIMARY_400x.png>; rel="canonical"
x-cache-hits: 0, 2

GET
H2 200 ZONE_SOFTM006_BK1_PRIMARY_400x.png
cdn.shopify.com/s/files/1/0023/0657/2339/products/ 29 KB
29 KB 13ms
13ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/products/ZONE_SOFTM006_BK1_PRIMARY_400x.png?v=1627528418

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

4e9f66915aa67ba9ed968ce89069ed57a7a56a8a3567a87a226ff7ecd6f12944

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.953,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 29642
x-xss-protection: 1; mode=block
x-request-id: 7318bc43bb0c616e311885fd9b83ca9f
x-served-by: cache-lga21941-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865656.609233,VS0,VE1
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/products/ZONE_SOFTM006_BK1_PRIMARY_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 38ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1938676423103038&ev=PageView&dl=https%3A%2F%2Fbaf-fin.xyz%2F&rl=&if=false&ts=1644865655609&sw=1600&sh=1200&v=2.9.52&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1644865655296.153488880&it=1644865654581&coo=false&eid=f9a2114d-E305-4D6F-2361-EF13C9E4504F&exp=p1&rqm=GET

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 14 Feb 2022 19:07:35 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/ 147 KB
47 KB 47ms
19ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86891a4f92d09b470ae41e59041f933740ed0637ff2b92780b185cf1649cdb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 440351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48432
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Feb 2023 16:48:24 GMT

GET
H2 200 17527110.js Show response
bat.bing.com/p/action/ 714 B
761 B 199ms
196ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17527110.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbaf614437ec33e7f394b7a2815671aeeb5f4ac2eae8d029b42dc9e1bd38aee7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A7AB3C37691C446583177461B6581981 Ref B: YTO01EDGE0820 Ref C: 2022-02-14T19:07:35Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 610

GET
H2 204 0
bat.bing.com/action/ 0
174 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17527110&Ver=2&mid=f4f75f66-148f-485d-ab02-9a8fde32c03d&sid=5e920f208dc911ecb7076f72df94941a&vid=5e9266c08dc911ec9fac27de5da2eb1f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&p=https%3A%2F%2Fbaf-fin.xyz%2F&r=&lt=1409&evt=pageLoad&msclkid=N&sv=1&rn=559463
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE021A14FD2945D0A6125B4BCF0DC3AA Ref B: YTO01EDGE0820 Ref C: 2022-02-14T19:07:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
96 B 34ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17527110&Ver=2&mid=f4f75f66-148f-485d-ab02-9a8fde32c03d&sid=5e920f208dc911ecb7076f72df94941a&vid=5e9266c08dc911ec9fac27de5da2eb1f&vids=0&pagetype=home&en=Y&evt=custom&msclkid=N&rn=391050
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B8D6AE55EEF4742BECB31321154F12E Ref B: YTO01EDGE0820 Ref C: 2022-02-14T19:07:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 493.js
assets.gorgias.chat/eb94d552d98db2ebcb829a873545055c41516ff2/static/js/ 0
5 KB 41ms
30ms Other
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/eb94d552d98db2ebcb829a873545055c41516ff2/static/js/493.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=0e3da756&applicationId=7579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2120
x-guploader-uploadid: ADPycdsbRJlURFJRWAgKGv1QQPzOwXL3CDazb4lWmNpfJTKPOGYtfs7r7bi4WTbFuAgtQlehTuTmNjVBehPLQLTbHes
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 4472
last-modified: Fri, 11 Feb 2022 18:54:45 GMT
server: cloudflare
etag: "28c70234ac009c8b550202437ad64f7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=2bbOBg==, md5=KMcCNKwAnItVAgJDetZPeg==
x-goog-generation: 1644605685814601
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=3600,s-maxage=3600,no-transform
x-goog-stored-content-length: 4472
accept-ranges: bytes
cf-ray: 6dd8948c2d3decf2-YUL

GET
H2 200 gcmw.js
assets.gorgias.chat/eb94d552d98db2ebcb829a873545055c41516ff2/static/js/ 0
142 KB 37ms
28ms Other
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/eb94d552d98db2ebcb829a873545055c41516ff2/static/js/gcmw.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=0e3da756&applicationId=7579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 659
x-guploader-uploadid: ADPycdvYq3eSwMuivomWpYtije1xikTUREIAe8636-yVpJwDeJsh69cydf00I8tfuwBHuI8OqcPr4Ey7BUlDO85bukrusWLIng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 144322
last-modified: Fri, 11 Feb 2022 18:54:46 GMT
server: cloudflare
etag: "1cd8cd6ad5132592bf1f1ca9a2dbaf56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=pzZKFQ==, md5=HNjNatUTJZK/HxypotuvVg==
x-goog-generation: 1644605686588043
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=3600,s-maxage=3600,no-transform
x-goog-stored-content-length: 144322
accept-ranges: bytes
cf-ray: 6dd8948c2d3becf2-YUL

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 62D5 565 B
858 B 83ms
35ms Document
text/html 2607:f8b0:4006:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fbaf-fin.xyz&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_1?le=oz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200d Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20fed1ad6cdb9086b7f14a57c4a1d3a25a23a26bad62493e9994d1ebe0cddd95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M5xtXLZjJeg2168IWrBn1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Feb 2022 19:07:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-M5xtXLZjJeg2168IWrBn1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 206 notification-chat.83dc8908a850dbf79f95.mp3
assets.gorgias.chat/eb94d552d98db2ebcb829a873545055c41516ff2/static/media/ 4 KB
4 KB 18ms
18ms Media
audio/mpeg 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/eb94d552d98db2ebcb829a873545055c41516ff2/static/media/notification-chat.83dc8908a850dbf79f95.mp3
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d191bedb4ccc9fd7f7eb24b325fb64488c1ad0d949c3b644f5600eafd8aecb73

Request headers

Referer: https://baf-fin.xyz/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
cf-cache-status: HIT
age: 2152
x-guploader-uploadid: ADPycdsGWqV6-cr-7u2QezY7VKLrR96rsKGURyi7R2fK_1fnxLXcwFWfckbyAknJwa7_gXe4hl5I6dqa_lLE-Whaz1s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: audio/mpeg
Content-Length: 3660
Content-Range: bytes 0-3659/3660
last-modified: Fri, 11 Feb 2022 18:54:54 GMT
server: cloudflare
etag: "97cd95d28b187ffc0c8455c08a688eef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=RoEABg==, md5=l82V0osYf/wMhFXAimiO7w==
x-goog-generation: 1644605694153005
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=3600,s-maxage=3600,no-transform
x-goog-stored-content-length: 3660
cf-ray: 6dd8948c9dcaecf2-YUL

GET
H3 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame E383 3 KB
3 KB 34ms
34ms Image
image/png 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=256718822&origin=https%3A%2F%2Fbaf-fin.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=256718822&origin=https%3A%2F%2Fbaf-fin.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 14 Feb 2022 19:07:35 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 23ms
23ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=865157360716506&ev=Microdata&dl=https%3A%2F%2Fbaf-fin.xyz%2F&rl=&if=false&ts=1644865655845&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%5Cn%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%22%2C%22meta%3Adescription%22%3A%22Baffin%20was%20born%20In%20%5C%22The%20Great%20White%20North%5C%22%2C%20Canada.%20We%20test%20our%20gear%20to%20perform%20in%20the%20most%20extreme%20environments%20on%20the%20planet%2C%20so%20it%20will%20perform%20for%20you.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%22%2C%22og%3Adescription%22%3A%22Baffin%20was%20born%20In%20%5C%22The%20Great%20White%20North%5C%22%2C%20Canada.%20We%20test%20our%20gear%20to%20perform%20in%20the%20most%20extreme%20environments%20on%20the%20planet%2C%20so%20it%20will%20perform%20for%20you.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.baffin.com%2F%22%2C%22og%3Asite_name%22%3A%22Baffin%20-%20Born%20in%20the%20North%20%2779%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22name%22%3A%22translation%20missing%3A%20en.general.breadcrumb.home%22%2C%22item%22%3A%22https%3A%2F%2Fwww.baffin.com%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1644865655296.153488880&it=1644865654581&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 14 Feb 2022 19:07:35 GMT

GET
H3 200 KfsCaZROU8Q Show response
www.youtube.com/embed/ Frame C573 60 KB
25 KB 80ms
80ms Document
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7dc3ea29dc7e62886cf5b97f336bd45ce314ffbeb224d86e66f8d57916f393c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Feb 2022 19:07:35 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
cdn.shopify.com/shopifycloud/media-analytics/v0.1/ 24 KB
7 KB 11ms
11ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.113,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 7279
x-xss-protection: 1; mode=block
x-request-id: 276869e0f87a614273a8e5897f138d74
x-served-by: cache-lga21950-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1644865656.879635,VS0,VE0
date: Mon, 14 Feb 2022 19:07:35 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/media-analytics/v0.1/analytics.js>; rel="canonical"
x-cache-hits: 61, 615

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2233895/ 146 B
323 B 298ms
101ms XHR
application/json 52.48.200.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2233895/visit-data?sv=6
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.200.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-200-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2233895 Show response
vc.hotjar.io/sessions/ 0
256 B 139ms
88ms XHR
text/plain 13.226.31.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2233895?s=0.25&r=0.025820284940369698
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-31-123.ewr53.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
via: 1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: sC1GqhFTf9ySoi2w7dQg4g2TTSAsesK_kKMbYWottn4CgEhvWax18A==

GET
H2 200 clarity.js Show response
i.clarity.ms/s/0.6.32/ 53 KB
23 KB 102ms
34ms Script
application/javascript 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17527110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E7D210BEC1D74F74B3E503E439749151&RedC=c.clarity.ms&MXFR=0BB55A499C8965F70E304B0298896B2B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7D210BEC1D74F74B3E503E439749151&MUID=0954F295807269A81B2FE3DE81586854

42 B
440 B

31ms
30ms

Image
image/gif

20.36.253.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7D210BEC1D74F74B3E503E439749151&MUID=0954F295807269A81B2FE3DE81586854
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Server: 20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CDEC3EC3B9FD4149BB97B13FC467740A Ref B: YTO01EDGE0820 Ref C: 2022-02-14T19:07:36Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7D210BEC1D74F74B3E503E439749151&MUID=0954F295807269A81B2FE3DE81586854
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 138148413-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 62D5 10 KB
5 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/138148413-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fbaf-fin.xyz&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78485a79a88d58baf7fa253ec43d6827f88dada8b16a1a36325994a84f423970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 04:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4296
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 05:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 04:24:31 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 62D5 13 KB
5 KB 85ms
85ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51ea75fec6a6030c9a7cd913834dcbbfc53abc6ab2cd665155b996d6e6edfdda

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+9X4wp1rBJDiT12kwWNkbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: "77e87acda4bbdb46a59bab9f008dd8e3"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-+9X4wp1rBJDiT12kwWNkbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 14 Feb 2022 19:07:35 GMT

OPTIONS
H3 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 135ms
98ms Preflight 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Origin: https://baf-fin.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-max-age: 86400
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
x-request-id: ffce9a38-51d0-40be-bc2c-b8c92c998dc2
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6dd8948dec3a53fb-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 59ms
58ms Fetch 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
X-Monorail-Edge-Event-Created-At-Ms: 1644865655938
X-Monorail-Edge-Event-Sent-At-Ms: 1644865655939
Accept-Language: en-CA,en;q=0.9
X-Monorail-Edge-Client-Message-Id: 814f56f7-dc68-4019-9ebb-1f1104f81970
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 79634fbe-c1db-4a38-a1a8-ae35dbf0bf6d
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd8948e8db353fb-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/96dcbc8c/ Frame C573 342 KB
47 KB 19ms
19ms Stylesheet
text/css 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 14:45:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47770
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 14:45:06 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/ Frame C573 282 KB
85 KB 30ms
29ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 440357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86941
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Feb 2023 16:48:18 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/ Frame C573 2 MB
536 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f7672936fb92f71e4cc6bd4d921f19103d630329a18929988f57621bafde2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 00:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548780
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Feb 2023 00:42:48 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/ Frame C573 10 KB
3 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 440356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Feb 2023 16:48:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C573 15 KB
15 KB 46ms
19ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 529665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 15:59:51 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/ Frame 62D5 54 KB
19 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.J6wwVzZFlys.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93fa2b4cd4e7ab1a5984412607c24a1608bf1cb981908a9aaf4b8a7b9cbfbb16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 02:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19359
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 02:51:11 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C573
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

34ms
34ms

XHR
application/json

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf16f75a6a4c4039827d215f927c8122aecfa6962130b2fc0e0e7517ca1f9b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 14 Feb 2022 19:07:36 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C573 29 B
588 B 65ms
19ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 18:58:14 GMT
x-content-type-options: nosniff
age: 562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Feb 2022 19:13:14 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 18ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1938676423103038&ev=Microdata&dl=https%3A%2F%2Fbaf-fin.xyz%2F&rl=&if=false&ts=1644865656177&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%5Cn%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%20%20%20%20%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779%5Cn%20%20%20%20%20%20%5Cn%20%20%20%20%22%2C%22meta%3Adescription%22%3A%22Baffin%20was%20born%20In%20%5C%22The%20Great%20White%20North%5C%22%2C%20Canada.%20We%20test%20our%20gear%20to%20perform%20in%20the%20most%20extreme%20environments%20on%20the%20planet%2C%20so%20it%20will%20perform%20for%20you.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%22%2C%22og%3Adescription%22%3A%22Baffin%20was%20born%20In%20%5C%22The%20Great%20White%20North%5C%22%2C%20Canada.%20We%20test%20our%20gear%20to%20perform%20in%20the%20most%20extreme%20environments%20on%20the%20planet%2C%20so%20it%20will%20perform%20for%20you.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.baffin.com%2F%22%2C%22og%3Asite_name%22%3A%22Baffin%20-%20Born%20in%20the%20North%20%2779%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22name%22%3A%22translation%20missing%3A%20en.general.breadcrumb.home%22%2C%22item%22%3A%22https%3A%2F%2Fwww.baffin.com%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1644865655296.153488880&it=1644865654581&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 14 Feb 2022 19:07:36 GMT

GET
H3 200 CnVWZPRvOVvjWpUmNxEzT7rRJCP2D_64Idcdnd1XvWw.js Show response
www.google.com/js/th/ Frame C573 35 KB
13 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/CnVWZPRvOVvjWpUmNxEzT7rRJCP2D_64Idcdnd1XvWw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a755664f46f395be35a95263711334fbad12423f60ffeb821d71d9ddd57bd6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 05:45:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13560
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 05:45:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/ Frame C573 26 KB
7 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2df68db3a2e3f3f7182a16c8a255a9640057223555f379756f98bc020366a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 440350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Feb 2023 16:48:26 GMT

GET
DATA 200
OK truncated
/ Frame C573 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRzsiAlUMeJ_AlwmtNex2b1PNx2pmaq5h9zN38k=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C573 1 KB
1 KB 68ms
22ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRzsiAlUMeJ_AlwmtNex2b1PNx2pmaq5h9zN38k=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b095acf803682b591bbd275a9bec33e580d2f43018fec73149e35ae4e2a94af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 18:52:47 GMT
x-content-type-options: nosniff
age: 889
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1034
x-xss-protection: 0
server: fife
etag: "v69"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 05:33:39 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/KfsCaZROU8Q/ Frame C573 54 KB
55 KB 68ms
21ms Image
image/webp 2607:f8b0:4006:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/KfsCaZROU8Q/maxresdefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2016 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ab4f5b6eef562836cb4516979b55364ec7ccc1373a8410d9eea8eaef7ea97c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:49:15 GMT
x-content-type-options: nosniff
age: 4701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55662
x-xss-protection: 0
server: sffe
etag: "1635740533"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Feb 2022 19:49:15 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
91 B 32ms
31ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://baf-fin.xyz
date: Mon, 14 Feb 2022 19:07:36 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame C573 86 KB
22 KB 118ms
118ms XHR
application/json 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb6abd6ff094f582fac02516923b9ae8de1525db8319b77968f805a3c5f31480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220208.01.00
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id: CgtZSGFLOEI2SFRUOCj30KqQBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22797
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame C573 0
9 B 22ms
19ms Image
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?JsgEng
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame C573 0
19 B 37ms
36ms Ping
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=244&afmt=251&cpn=mmqxx-5TpZoqv1Ou&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082661%2C24135310%2C24166123%2C24167177&cl=427307184&seq=1&docid=KfsCaZROU8Q&ei=eKgKYqyMEouJ_9EPkriAoAw&event=streamingstats&plid=AAXX_yEl_vL0fnsp&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKfsCaZROU8Q%3Fshowinfo%3D0%26controls%3D0%26fs%3D0%26rel%3D0%26height%3D100%2525%26width%3D100%2525%26iv_load_policy%3D3%26html5%3D1%26loop%3D1%26playsinline%3D1%26modestbranding%3D1%26disablekb%3D1%26origin%3Dhttps%253A%252F%252Fbaf-fin.xyz%26enablejsapi%3D1%26widgetid%3D1&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220208.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.157:B,0.157:B&cmt=0.009:0.000,0.157:0.000&afs=0.157:251::i&vfs=0.157:244:247::r&view=0.157:1600:1200&bwe=0.157:130000&bat=0.157:1:1&vis=0.157:0&bh=0.157:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr1---sn-apaapm4g-apae.googlevideo.com/ Frame C573 1 KB
2 KB 348ms
89ms XHR
text/plain 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=PR&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-tt1eln7l&ms=au%2Crdu&mv=m&mvi=1&pl=32&initcwndbps=512500&vprv=1&mime=video%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=1049961&dur=15.014&lmt=1635750834112399&mt=1644865260&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgWtKGe1zqECZNUgOKSMtoLQp2i_HyGWBFt8mlmCoqnYkCIQDEIbZ_iAEvy1ug7UWBznK_oRA6bQF_53uBC7VhKVlGxA%3D%3D&alr=yes&sig=AOq0QJ8wRAIgR4mXPcyPjf9kNqw8JFSkeeiKhG75WednvsBSCrENLOUCIEjCUgEtL131VnQinhxf0qfGJXtoeT1KJVZLNOmYoL4L&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&range=0-179532&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2dbc9f487853092e8fc71ff1ffd82ee0ab685a62700ab78e9c7111dd78a21b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 19:07:36 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1070
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 14 Feb 2022 19:07:36 GMT

GET
H/1.1 200
OK videoplayback Show response
rr1---sn-apaapm4g-apae.googlevideo.com/ Frame C573 1003 B
2 KB 346ms
88ms XHR
text/plain 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=251&source=youtube&requiressl=yes&mh=PR&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-tt1eln7l&ms=au%2Crdu&mv=m&mvi=1&pl=32&initcwndbps=512500&vprv=1&mime=audio%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=252759&dur=15.041&lmt=1635750831675722&mt=1644865260&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAN1eeW2cfMWi_zPMQvxtdXjXNHv59W4aZjPaGpR9LbX_AiEAlR7R1uAn_u0aiI9HnxjpHdoriUTUqfnZyCvEPSaoRQQ%3D&alr=yes&sig=AOq0QJ8wRQIger-nnpXAoVJ57jtNa_brYN43KPu01MQacAGfn0vD1XYCIQCg1vxn1viL9TnOImWTW2cO_dxGTJCnctq1d0p389zEXQ%3D%3D&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&range=0-65828&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

057912e496cd39f927374642cb7b3c3c8b85b04c980c8abd285d852f498d1f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 19:07:36 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1003
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 14 Feb 2022 19:07:36 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/ Frame C573 64 KB
24 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a9cefea436a4582ff8dea30cde003666af9eba90099e4d6a6277008db8f377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 19:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24451
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Feb 2023 19:49:08 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/ Frame C573 26 KB
7 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86681ff095c0ac4c83a4ba81b95e0e0edd0d83b231658b79bcb462ad8bc5a27c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 18:41:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7187
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 18:41:54 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame C573 61 KB
4 KB 201ms
201ms XHR
application/json 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdac52d25a048d0bc14f650edb8099b41d10802cb628f4b596e490a669a62ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220208.01.00
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id: CgtZSGFLOEI2SFRUOCj30KqQBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4483
x-xss-protection: 0

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
988 B 47ms
11ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=MqcjRF&shop=baffin-inc.myshopify.com
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0aff4a969bac0cfadb6c8ea0cd1eeb03bcac8216ee34e95393d041da8c28c46d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: gzip
age: 1296
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 859
x-served-by: cache-lga21932-LGA, cache-yul12829-YUL
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1644865657.570503,VS0,VE1
etag: W/"e8211aa2136b3f0e24f3b899ecb98bad"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 46ms
10ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=PrX6AS&shop=baffin-inc.myshopify.com
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b5a819a6193cd99dbac47a9f27304bff4c51b7e4496b75a4b57e8b9a67d26233

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: gzip
age: 1298
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 860
x-served-by: cache-lga21927-LGA, cache-yul12829-YUL
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1644865657.570546,VS0,VE1
etag: W/"1bf007c2c1f8d6dd6b1d8a60b127aae3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H/1.1 200
OK shopify_rolling_bootstrap_v2.js Show response
assets1.adroll.com/shopify/latest/j/ 2 KB
1 KB 97ms
19ms Script
application/javascript 2600:9000:21da:3e00:1c:cd6a:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=2TIXCSBXGRG6FFDNARQPOD&adroll_pix_id=R7IUSZNLAVDX5BDARFCZKX&shop=baffin-inc.myshopify.com
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:3e00:1c:cd6a:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 18:21:55 GMT
Content-Encoding: gzip
Age: 2774
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Via: 1.1 7f822cbc5468903ff5582a7c6af4c024.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Feb 2022 20:25:33 GMT
Server: AmazonS3
Etag: W/"dcbab6195eb24bf3935cbc62ec0ed277"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pNbh4-YNn4hxCrgR2zUrv4LJGFIRSXBuXuaX_rj_WvT4aw6nCkOEMg==

GET
H2 200 widget.js Show response
shopify.privy.com/ 383 KB
107 KB 66ms
38ms Script
text/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shopify.privy.com/widget.js?shop=baffin-inc.myshopify.com

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

816f25141648c91e0b350147025d0914a1d81f3ff6622d5a050140fedc61307c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
access-control-request-method: *
vary: Accept-Encoding
cf-cache-status: HIT
age: 1369
content-encoding: gzip
x-request-id: 523844f7-f9c3-4e8c-9d3e-bee13214c125
access-control-allow-origin: *
server: cloudflare
etag: W/"816f25141648c91e0b350147025d0914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
via: 1.1 vegur
cache-control: private, max-age=1800
cf-ray: 6dd894918caa4bcb-YUL

GET
H2 200 sezzle-footer-logo-fix.js Show response
d34uoa9py2cgca.cloudfront.net/shopify-app/helper-scripts/ 463 B
790 B 82ms
19ms Script
application/javascript 99.84.47.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34uoa9py2cgca.cloudfront.net/shopify-app/helper-scripts/sezzle-footer-logo-fix.js?shop=baffin-inc.myshopify.com
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.47.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-47-14.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1e26c3e6af32b965902df34319e98f02ca064c0eca4048fa364357548a8b28e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:24:07 GMT
via: 1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified: Sun, 25 Mar 2018 15:39:33 GMT
server: AmazonS3
age: 35010
etag: "374fb5d08db800d032c4e963eb0a8687"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-length: 463
x-amz-cf-id: Ah37gIbU2sovgZFKSmVmqvuG4ROBdzGSC1k95lAGJiWN25s7jfl3-A==

GET
H2 200 script.js Show response
geolocation-recommendations.shopifycloud.com/locale_bar/ 59 KB
20 KB 134ms
48ms Script
text/javascript 34.139.78.128
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation-recommendations.shopifycloud.com/locale_bar/script.js?shop=baffin-inc.myshopify.com

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.139.78.128 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

128.78.139.34.bc.googleusercontent.com

Software

Resource Hash

50298f3f3f3c107b2685a43d00f8071d702d2b30dc1afb9c668855c097b02277

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1
server-timing: processing;dur=10, socket_queue;dur=2.329, util;dur=0.9
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6d01b044f5cbbda9c5e8e000856d517d
x-runtime: 0.009608
referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
etag: W/"50298f3f3f3c107b2685a43d00f8071d"
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate

GET
H2 200 weglot_script_tag.js Show response
cdn.weglot.com/ 0
346 B 20ms
17ms Script
application/javascript 2600:9000:210b:a400:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot_script_tag.js?shop=baffin-inc.myshopify.com
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:a400:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:32:45 GMT
via: 1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jun 2020 10:38:01 GMT
server: AmazonS3
age: 12892
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=172800
x-amz-cf-pop: EWR53-C3
content-type: application/javascript
content-length: 0
x-amz-cf-id: kqboi7fZq86bnWlPC8co-iEmF0pSuazfDE0jNmG2phq2XiiMcs0PXA==

GET
H2 200 swym-shopify.js Show response
swymv3free-01.azureedge.net/code/ 229 KB
56 KB 132ms
20ms Script
application/javascript 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://swymv3free-01.azureedge.net/code/swym-shopify.js?shop=baffin-inc.myshopify.com
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e788e3f4931c27d06456b8567d840490f0b541371bae9773e92fdba89b56e1ae

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 14 Feb 2022 19:07:35 GMT
content-encoding: br
x-azure-ref-originshield: 0OhsKYgAAAADWQDhdOEAyTY3+DB5+WyFBRVdSMzBFREdFMDYwOABmZjkzODEwYi0zMTZmLTQzYmYtOTUyYS1hZDUxMGIyNmJmNDE=
content-md5: t30wE1Moz7ZBNtpRu14Mqg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 11 Feb 2022 09:03:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9ED3D681A7425
x-azure-ref: 0eKgKYgAAAAC2akpM6kgaQoOrLYjGGM9/WVRPMDFFREdFMDYyMQBmZjkzODEwYi0zMTZmLTQzYmYtOTUyYS1hZDUxMGIyNmJmNDE=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 43eab15d-a01e-0039-3b81-2164f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19

GET
H2 200 widget.js Show response
accessibilityserver.org/ 1 KB
1 KB 81ms
17ms Script
application/javascript 143.204.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js?account=bpsJ1cpJQP&platfAppInstalledSiteId=1331632&shop=baffin-inc.myshopify.com
Requested by: Host: baf-fin.xyz
URL: https://baf-fin.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.143.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-143-56.ewr52.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: 9babce6e12a3ba8adbc5201c033afeabce2d4d7705a946dcbaee98bf552c379d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 18:31:26 GMT
via: 1.1 e5bd532dbdee524acdf00690205f3b5a.cloudfront.net (CloudFront), 1.1 71994794c0ae42f7776bc799e33a979a.cloudfront.net (CloudFront)
etag: W/"ed19b61f12c8cc5a78c7f86fd40b88d5"
age: 2170
x-77-cache: HIT
x-cache: Hit from cloudfront
x-age: 3082
content-encoding: gzip
x-77-nzt: AZySJBbgG8X/CgwAAA==
last-modified: Tue, 08 Feb 2022 14:10:54 GMT
server: CDN77-Turbo
x-77-nzt-ray: Bnf1rE33ocs=
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
x-amz-cf-pop: EWR53-P1, EWR52-C2
x-amz-cf-id: LhmOq6FVsjCmF0Q97qN6UGNqSYOFYJnn3Rp5dpeuRTdDbippo9QwxA==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 522 B
638 B 252ms
24ms Script
application/javascript 74.119.119.142
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=90222&shop=baffin-inc.myshopify.com

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.142 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bb81a2155beaa67c245c6ee373be4d155fcff54dc4d60ab1d81a9db039346701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 script-1639121469.js Show response
cdn.shopify.com/proxy/87ff75d93c407a603b49be61a705016ddfde6fe4284544247ac6fa3176a6cd43/bcdn.starapps.studio/apps/via/baffin-inc/ 48 KB
49 KB 14ms
12ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/87ff75d93c407a603b49be61a705016ddfde6fe4284544247ac6fa3176a6cd43/bcdn.starapps.studio/apps/via/baffin-inc/script-1639121469.js?shop=baffin-inc.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

e713dafa3d4d5303d3b7ae3e171b3ca4ac95356b7fb212d5fa5bd4ea3fa03b1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src 'none'; sandbox;
x-cdn: Fastly, http2
cdn-storageserver: NY-106
edge-cache-tag: mime-application/javascript,source-ProxyBackend,segment2-82,segment4-21000,revision-0b733dcb7f2ea5263dc5a1a992ce9f8010e07c3f,secure-proxy-shopifycloud-com-proxy-87ff75d93c407a603b49be61a705016ddfde6fe4284544247ac6fa3176a6cd43-bcdn-starapps-studio-apps-v
cdn-pullzone: 167988
content-disposition: attachment
server-timing: cdn;dur=0.776,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
x-served-by: cache-lga21941-LGA, cache-yul12834-YUL
cdn-proxyver: 1.02
cdn-fileserver: 268
x-timer: S1644865657.539833,VS0,VE1
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cache-control: public, max-age=600
cdn-requestcountrycode: US
x-cache-hits: 1, 1
date: Mon, 14 Feb 2022 19:07:36 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
cdn-edgestorageid: 616
x-dc: gcp-us-east1,gcp-us-central1
access-control-allow-origin: *
x-cache: HIT, HIT
cdn-cachedat: 01/09/2022 00:48:48
content-length: 49205
x-xss-protection: 1; mode=block
x-request-id: 64ad8962ed95451c5cfca01eed749dc5
last-modified: Fri, 10 Dec 2021 07:31:11 GMT
server: cache-yul12834-YUL
cdn-requestpullcode: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
cdn-uid: 3712be04-dd87-41bb-adc7-5d9ff1e853cc
cdn-requestid: 3bdb4fa97dadfc75b54a1a1cca4e26fa
accept-ranges: bytes
timing-allow-origin: *
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sca.storelocator_scripttag.js Show response
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 17 KB
5 KB 12ms
11ms Script
application/javascript 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/sca.storelocator_scripttag.js?v=1642019703&shop=baffin-inc.myshopify.com

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

9e351578126b0240dc29e00c61deae3e21756efee4b3de18c653d03cc8868069

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.717,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 5269
x-xss-protection: 1; mode=block
x-request-id: 95f36fe0db68b958c3c21ac77a602d06
x-served-by: cache-lga21949-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865657.539884,VS0,VE1
date: Mon, 14 Feb 2022 19:07:36 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/sca.storelocator_scripttag.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H3 404 cart Show response
baf-fin.xyz/ 371 B
762 B 108ms
108ms Fetch
text/html 2606:4700:3037::6815:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baf-fin.xyz/cart?view=drawer&timestamp=1644865656589
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJ43IujswHOiEOJ09kDdZvprBqTV1WvXwxqKmvxYDhrvbtvmuouhC7VKe4yXkNPZktPPc7mJhT2%2FRyPaIcneTgzOEkErVeZa9LYqkd5ArgLru1GniBgon3VlFFGYQxEvwzgnkngd7bKeCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 6dd89491b8fb7133-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

ct.html Show response
www.pinterest.ca/ Frame C103
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.ca/ct.html

413 B
4 KB

115ms
113ms

Document
text/html

151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.ca/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

927b005d235ded900592173a1b3d496fbdee07d11c645219a02d4ac7fefa3900

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-490ba64299ef9641a8a9c319b4adfd89' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1364803884879194; frame-ancestors *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-490ba64299ef9641a8a9c319b4adfd89' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1364803884879194; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-490ba64299ef9641a8a9c319b4adfd89' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
x-envoy-upstream-service-time: 88
content-encoding: gzip
referrer-policy: origin
x-pinterest-rid: 1364803884879194
date: Mon, 14 Feb 2022 19:07:36 GMT
vary: User-Agent, Accept-Encoding
x-cdn: fastly
pinterest-generated-by: coreapp-webapp-prod-0a03d568
pinterest-version: 94487bb

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.ca/ct.html
x-envoy-upstream-service-time: 80
content-encoding: gzip
referrer-policy: origin
x-pinterest-rid: 9540442213814020
date: Mon, 14 Feb 2022 19:07:36 GMT
vary: User-Agent, Accept-Encoding
x-cdn: fastly
pinterest-generated-by: coreapp-webapp-prod-0a039e31
pinterest-version: 94487bb

GET
H3 404 cart Show response
baf-fin.xyz/ 371 B
768 B 108ms
107ms Fetch
text/html 2606:4700:3037::6815:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baf-fin.xyz/cart?view=drawer&timestamp=1644865656737
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2MPirNUkVbjS2ANO4G4I%2BYtx%2BhZg2OJHbMZk3UigPtkZVCGgLQWiuNUQKCy30%2FQQ6MVZy9O7CKJZZoQ1Owzl4A8hvdCDR14RUmyPFj%2BH5JxWwfhSbGw5Zz0MQapT0f6A1%2FMHwxuBFiing%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 6dd89492aa1d7133-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 i
p.yotpo.com/ 35 B
278 B 25ms
24ms Image
image/gif 54.158.135.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=star_rating&se_ac=loaded&se_la=category_page&se_va=WnuxtcN2yD1lCJLBZmNuCdIJ2AOtFlZLFHvfeUVr&cx=eyJwdl91dWlkIjo5MzczODA4OTcsImRvbWFpbl9rZXkiOlsiNzE4Nzk0MDYzOTIzIiwiNzIyNTAwMDI2NDE5IiwiNzI0MTQ4MzIyMzU1IiwiNzI0MTQ1MzA3Njk5IiwiNzE4NzY2Mzc0OTYzIiwiNDc4OTk4NDYyNDcxMSIsIjcyNDE0NTk2MzA1OSIsIjcyNDE0NTY2ODE0NyIsIjcyMjQ5OTA0MzM3OSIsIjcyMjUwMDQ1MjQwMyIsIjcyMjUwMDMyMTMzMSIsIjcyMjQ5OTczMTUwNyIsIjcyMjUwMDQ4NTE3MSIsIjcyMjQ5ODkxMjMwNyIsIjcyMjQ5OTEwODkxNSIsIjcyNDE0ODM4Nzg5MSJdLCJjb3VudF9wcm9kdWN0cyI6MTYsImRhdGFfc291cmNlIjoiZGVmYXVsdCJ9&dtm=1644865656778&tid=813069&vp=1600x1200&ds=1600x4655&vid=1&duid=f2ed887f9263da24&p=web&tv=js-0.13.2&fp=839606422&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fbaf-fin.xyz%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.135.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-135-134.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
cache-control: max-age=86400, private
server: nginx
content-type: image/gif
content-length: 35
expires: Tue, 15 Feb 2022 19:07:36 GMT

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 64 KB
64 KB 56ms
12ms XHR
audio/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=252759&dur=15.041&lmt=1635750831675722&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRQIger-nnpXAoVJ57jtNa_brYN43KPu01MQacAGfn0vD1XYCIQCg1vxn1viL9TnOImWTW2cO_dxGTJCnctq1d0p389zEXQ%3D%3D&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&mh=PR&mm=29&mn=sn-t0a7ln7d&ms=rdu&mt=1644865493&mv=m&mvi=5&pl=32&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJg4LF4cB2sqaGCj7ENe4A5WY-IbzIsobBK6rYpn_o6jAiEAoC7WIZ55JC4obV6-YnTbWb4zVCdy8wgOAzKHn_U8k_s%3D&range=0-65828&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d02b0859b8e28896b44e1c6b99f6e36409447e78cf97666e1f76939e0229fd6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65829
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:51 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 14 Feb 2022 19:07:36 GMT

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 175 KB
175 KB 71ms
30ms XHR
video/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=1049961&dur=15.014&lmt=1635750834112399&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgR4mXPcyPjf9kNqw8JFSkeeiKhG75WednvsBSCrENLOUCIEjCUgEtL131VnQinhxf0qfGJXtoeT1KJVZLNOmYoL4L&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&mh=PR&mm=29&mn=sn-t0a7ln7d&ms=rdu&mt=1644865493&mv=m&mvi=5&pl=32&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgRH2FwyA9O2aGmp-qo1HvAMdrBaXmoL-S35evWQ3bYPcCIEygFb_CO4kA668p-K8lGONrHy74tQALRjL475HAMHKl&range=0-179532&rn=4&rbuf=0&altitags=243%2C242

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

92a42040f54fb34d7fae937b5e11d94831270ee68ad8be843e367495c85a1f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179533
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 14 Feb 2022 19:07:36 GMT

GET
H2 200 fender_analytics.faf169848e9b3745ad70.js Show response
static-tracking.klaviyo.com/onsite/js/ 22 KB
8 KB 66ms
10ms Script
application/x-javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.faf169848e9b3745ad70.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=MqcjRF&shop=baffin-inc.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dea7455a056e5ecdc6321af45fedcc60c1b93670d92e1f27e430ec487f1f8871

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: Cp663xl7cFQ15_8of5Jb8q6HWsRrsEkS
content-encoding: gzip
age: 1306
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7500
x-amz-id-2: Msuzhtd/Scg2XzHHj9UojTA0/hZBSSarEKbMjsTqvKO+bfdrXWlJmo7xZNVebnf6oyZdgod8DMk=
x-served-by: cache-lga21959-LGA, cache-yul12823-YUL
last-modified: Mon, 14 Feb 2022 18:44:28 GMT
server: AmazonS3
etag: "2749e6d7ad38fb2b40f5a60663b027e0"
vary: Accept-Encoding
x-amz-request-id: W6TEYPKMKC9ZD94V
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Mon, 14 Feb 2022 19:07:36 GMT
x-cache-hits: 1, 1827

GET
H2 200 static.d1d24fbee4e1f0340b1d.js Show response
static-tracking.klaviyo.com/onsite/js/ 13 KB
6 KB 65ms
10ms Script
application/x-javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.d1d24fbee4e1f0340b1d.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=MqcjRF&shop=baffin-inc.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea379836abb44dec116b360856f9a27ac75df9115928b45f053e82eca5fe35ef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: d07lMQKvx4Zg0U2APxtOrBtBsfH5twFs
content-encoding: gzip
age: 1306
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5457
x-amz-id-2: 3fwDUXRmLREa5gFfoCsRnaxv7vSgXAZPKkqv7xGeT7hcY9rGHmTRWc8wpJMnt7Jl6JQlymYgUqQ=
x-served-by: cache-lga21930-LGA, cache-yul12823-YUL
last-modified: Mon, 14 Feb 2022 18:44:28 GMT
server: AmazonS3
etag: "e090ed99d1a7ad606b13d34ed64fe74e"
vary: Accept-Encoding
x-amz-request-id: W6T46MVCC2ZSVBCS
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Mon, 14 Feb 2022 19:07:36 GMT
x-cache-hits: 1, 1828

GET
H2 200 sharedUtils.b70852ec86792ccd3ae6.js Show response
static.klaviyo.com/onsite/js/ 49 KB
15 KB 11ms
11ms Script
application/x-javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.b70852ec86792ccd3ae6.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=MqcjRF&shop=baffin-inc.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e04cc1cecb33c6cb59c5bdc2a7ec38e26289e86360363715009a41940f0adda3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: lWo4zWmmJ42q_3S1GwABCgI2fdm3AwTQ
content-encoding: gzip
age: 1306
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 14726
x-amz-id-2: G0friMxX1mp5tGlnVlN76wFeoIupgHDgBatWNrYW1+Z0I8qCV95EnAj6KauKi8A2Ic+qGFWk88U=
x-served-by: cache-lga21963-LGA, cache-yul12829-YUL
last-modified: Mon, 07 Feb 2022 23:27:43 GMT
server: AmazonS3
etag: "c6898718e04a7f3aeab2c0e5eaa0dc58"
vary: Accept-Encoding
x-amz-request-id: VP2NP9RZF3QQW9B6
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Mon, 14 Feb 2022 19:07:36 GMT
x-cache-hits: 1, 1520

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/2TIXCSBXGRG6FFDNARQPOD/ 77 KB
22 KB 98ms
23ms Script
text/javascript 2600:9000:2120:ce00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/2TIXCSBXGRG6FFDNARQPOD/roundtrip.js
Requested by: Host: assets1.adroll.com
URL: https://assets1.adroll.com/shopify/latest/j/shopify_rolling_bootstrap_v2.js?adroll_adv_id=2TIXCSBXGRG6FFDNARQPOD&adroll_pix_id=R7IUSZNLAVDX5BDARFCZKX&shop=baffin-inc.myshopify.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ce00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82a3eb00f4bd8a43f4950c73fc9e685103551c6568228b3b1a04d023c84948d3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: ufa349BGYS3dPWXbJRODmDQ00L9qCxv_
Content-Encoding: gzip
Etag: W/"37a6b1f68246d41ebc4e3b06983329aa"
Age: 3257
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Feb 2022 21:39:16 GMT
Server: AmazonS3
Date: Mon, 14 Feb 2022 18:13:20 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR52-C4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZPYQh0Te_Xy4ldGPKH6jICwtRxG0RGWK-i5mp4McZLtH8dixxOCu0A==

GET
H2 200 widget_app_base_1644329375050.js Show response
cdn.userway.org/widgetapp/2022-02-08/ 98 KB
27 KB 154ms
43ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-02-08/widget_app_base_1644329375050.js
Requested by: Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js?account=bpsJ1cpJQP&platfAppInstalledSiteId=1331632&shop=baffin-inc.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cf407ebb5fcd2683554310d37a6a7670e735d43ff3366a45d60b73c14d2aaeca

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 19:07:36 GMT
via: 1.1 978d7ccfdbed8c0e3015142e29dd5c5c.cloudfront.net (CloudFront)
x-77-nzt-ray: Ndb1QMs6ev8=
age: 37
x-77-cache: HIT
x-cache: HIT
x-age: 535444
content-encoding: br
x-77-nzt: AZySJBY9tTv/lCsIAA==
x-accel-expires: @1670250212
last-modified: Tue, 08 Feb 2022 14:10:52 GMT
server: CDN77-Turbo
etag: W/"e6375a313c07fc5e84561814f0bbd73b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: FGl5KNkPr5BNLdiE3ojCUC07ueSg9ObI5N36Z_0-Fxwq1qo7Mq07UQ==

GET
H3 404 browsing_context_suggestions.json Show response
baf-fin.xyz/ 371 B
768 B 105ms
105ms Fetch
text/html 2606:4700:3037::6815:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baf-fin.xyz/browsing_context_suggestions.json?source=geolocation_recommendation&country[enabled]=true&country[exclude]=CA&currency[enabled]=true&currency[exclude]=CAD&language[enabled]=true&language[exclude]=en&
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFUq62LRJImE4OD5Ir8YPmTkj5wuApp6tH203rKB0SyujnZPUBov%2FyXkfyya%2FNHG65LlrCTKuHGNdXV4VMAAtPNDJnOMQJ77UyyS8U2YUYX80yk%2BAs1Ly7%2F4CtVPEoW%2FjLceXMNqH00kKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 6dd894933aef7133-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 checkAndGet Show response
swymstore-v3free-01.swymrelay.com/api/v3/provider/ 3 KB
1 KB 312ms
126ms XHR
application/json 51.143.53.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://swymstore-v3free-01.swymrelay.com/api/v3/provider/checkAndGet?pid=SMpNbS9hgPQxMXsrj%2FOK9pCxPNVva8z%2BPTqgVAezL4o%3D
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.143.53.193 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Jetty(9.4.22.v20191022) /
Resource Hash: 3f8a7189e86e6030e9bc2dae9d8a87d634a756481a88ed25aa4c45378de28c88

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: https://baf-fin.xyz
date: Mon, 14 Feb 2022 19:07:37 GMT
content-encoding: gzip
server: Jetty(9.4.22.v20191022)
content-type: application/json;charset=utf-8

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/5511C7149F629EADDFF0ED42/ 17 KB
3 KB 128ms
103ms XHR
application/json 2606:4700:10::ac43:246a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/5511C7149F629EADDFF0ED42/campaigns.json?s=j&l=https%3A%2F%2Fbaf-fin.xyz%2F&user_uuid=b13c46f8-2a43-43e0-9c50-a2510707d092&fence=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:246a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d718f6412c21bbaa3dbedc13b3a3505a0a265c2dcecc038756e45a082560f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ipcountry: CA
date: Mon, 14 Feb 2022 19:07:37 GMT
x-ippostalcode
cf-cache-status: DYNAMIC
access-control-allow-origin: *
access-control-request-method: *
content-encoding: gzip
x-request-id: cf7bace9-42c6-4d93-a4e8-d4aec96c0c4e
server: cloudflare
etag: W/"7d718f6412c21bbaa3dbedc13b3a3505"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
via: 1.1 vegur
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: CA_
cf-ray: 6dd89493b998ca6f-YUL

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 374ms
24ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=90222&shop=baffin-inc.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Feb 2022 19:07:37 GMT

GET
H3 200 videoplayback Show response
rr1---sn-apaapm4g-apae.googlevideo.com/ Frame C573 1 KB
1 KB 194ms
94ms XHR
text/plain 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=PR&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-tt1eln7l&ms=au%2Crdu&mv=m&mvi=1&pl=32&initcwndbps=512500&vprv=1&mime=video%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=1880799&dur=15.014&lmt=1635750834632123&mt=1644865260&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgKpoGEAYJ3X7_AyBiZEDOkt1FFjqPpXrNwVRaGahwK6cCIHAqThGciEWL5Yh33HusX5eaLJHe-oo2bU3S0Tq1JuCY&alr=yes&sig=AOq0QJ8wRAIgb5Mn2rWL-6oCVPwpT5GCqs_XF30cR-Hy_orjreg_dikCIGPdDqyjbeltXv-zBYJVl_lkJYVs9_7A8OtY5tor0Pk7&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&range=0-268&rn=5&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

97969ec0c37276ceaead42732fd87e31fb21942b4e3b3a7f9be2fceb8b55ec73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
client-protocol: quic
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 14 Feb 2022 19:07:37 GMT

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 175 KB
175 KB 11ms
11ms XHR
video/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=1049961&dur=15.014&lmt=1635750834112399&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgR4mXPcyPjf9kNqw8JFSkeeiKhG75WednvsBSCrENLOUCIEjCUgEtL131VnQinhxf0qfGJXtoeT1KJVZLNOmYoL4L&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&mh=PR&mm=29&mn=sn-t0a7ln7d&ms=rdu&mt=1644865493&mv=m&mvi=5&pl=32&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgRH2FwyA9O2aGmp-qo1HvAMdrBaXmoL-S35evWQ3bYPcCIEygFb_CO4kA668p-K8lGONrHy74tQALRjL475HAMHKl&range=179533-358796&rn=6&rbuf=2609

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

afcd080d430b727d27884c198df487c63e43e94af79399b178fcd566084ea785

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179264
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 14 Feb 2022 19:07:36 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2TIXCSBXGRG6FFDNARQPOD/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

20ms
20ms

Script
application/javascript

2600:9000:2120:ce00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2120:ce00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 43634
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Mon, 14 Feb 2022 07:01:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR52-C4
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pg3kxfdOsM1eRbReAkghUKqICQ-zK1aoYR2yLjkdQH0rmaizLR5UBg==

Redirect headers

Date: Mon, 14 Feb 2022 00:44:12 GMT
Via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
Age: 66203
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR52-C4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: EG-merLMlgzPVTbNI8bHBEpzAQC3Zltq05nAEprkf5BPY_s4Yiv4Jw==

GET
H3 204 playback
www.youtube.com/api/stats/ Frame C573 0
17 B 38ms
37ms Image
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=mmqxx-5TpZoqv1Ou&ver=2&cmt=0.008&fmt=244&fs=0&rt=0.69&euri=https%3A%2F%2Fbaf-fin.xyz%2F&lact=765&cl=427307184&mos=1&volume=100&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220208.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=CA&len=15&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082661%2C24135310%2C24166123%2C24167177&rtn=5&afmt=251&size=1600%3A1200&inview=0&muted=1&docid=KfsCaZROU8Q&ei=eKgKYqyMEouJ_9EPkriAoAw&plid=AAXX_yEl_vL0fnsp&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKfsCaZROU8Q%3Fshowinfo%3D0%26controls%3D0%26fs%3D0%26rel%3D0%26height%3D100%2525%26width%3D100%2525%26iv_load_policy%3D3%26html5%3D1%26loop%3D1%26playsinline%3D1%26modestbranding%3D1%26disablekb%3D1%26origin%3Dhttps%253A%252F%252Fbaf-fin.xyz%26enablejsapi%3D1%26widgetid%3D1&of=H3hR-ao7PIvoKL9ZEuOnbA&vm=CAQQARgCOjJBS1JhaHdEZnM4elFwYldDYkJxcXJuSWQ1U0xHRHgwQlV2QWZOelNnYVhFQno2SW9JUWJQQVBta0tES196YzdGOFVyRUpaQm1lUXM3bVJrUzFsdm04OFo3YlJkUEx2akpObmY1Wm50dk14VHB3TDc2cl9QaG05MWdNOWZRbUJWVjYxMWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking
www.youtube.com/ Frame C573 0
17 B 38ms
37ms Image
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=KfsCaZROU8Q&cpn=mmqxx-5TpZoqv1Ou&ei=eKgKYqyMEouJ_9EPkriAoAw&ptk=youtube_single&oid=ZP6trPnP707Uw7I8kjT4Eg&pltype=contentugc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.ca/pagead/1p-user-list/962985656/ Frame C573
Redirect Chain

https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220208&foc_id=2Hpm81CXGDqgFC1OhBB3JQ&label=followon_view&ptype=no_rmkt&random=124869931
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220208&foc_id=2Hpm81CXGDqgFC1OhBB3JQ&label=followon_view&ptype=no_rmkt&random=124869931...
https://www.google.com/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220208&label=followon_view&ptype=no_rmkt&random=124869931&is_vtc=0&random=3853726269
https://www.google.ca/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220208&label=followon_view&ptype=no_rmkt&random=124869931&is_vtc=0&random=3853726269&ipr=y

42 B
64 B

46ms
46ms

Image
image/gif

2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220208&label=followon_view&ptype=no_rmkt&random=124869931&is_vtc=0&random=3853726269&ipr=y

Protocol

Server

2607:f8b0:4006:824::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.ca/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220208&label=followon_view&ptype=no_rmkt&random=124869931&is_vtc=0&random=3853726269&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 64 KB
64 KB 11ms
11ms XHR
audio/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6bb5f93404dff5e0876e1c502e35755dfe811652cc6a408cba1d6290d0cfdb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65651
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:51 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 14 Feb 2022 19:07:36 GMT

POST
H2 204 /
www.pinterest.ca/_/_/csp_report/ Frame C103 0
4 KB 59ms
57ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.ca/_/_/csp_report/?rid=1364803884879194

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-5d57938cdc4df7ea569be69771c53bb7' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1491128049264910; frame-ancestors 'self' , script-src 'nonce-5d57938cdc4df7ea569be69771c53bb7' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1491128049264910
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a03fba6
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-5d57938cdc4df7ea569be69771c53bb7' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 31
x-pinterest-rid: 1491128049264910
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 19:07:37 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: 94487bb
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-5d57938cdc4df7ea569be69771c53bb7' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1491128049264910; frame-ancestors 'self' , script-src 'nonce-5d57938cdc4df7ea569be69771c53bb7' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1491128049264910
timing-allow-origin: https://www.pinterest.ca

POST
H2 204 /
www.pinterest.ca/_/_/csp_report/ Frame C103 0
4 KB 99ms
98ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.ca/_/_/csp_report/?reportonly

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-4467e53004c9428730b1537f1c0d30a8' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7913586071155953; frame-ancestors 'self' , script-src 'nonce-4467e53004c9428730b1537f1c0d30a8' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7913586071155953
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a039526
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-4467e53004c9428730b1537f1c0d30a8' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 74
x-pinterest-rid: 7913586071155953
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 19:07:37 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: 94487bb
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-4467e53004c9428730b1537f1c0d30a8' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7913586071155953; frame-ancestors 'self' , script-src 'nonce-4467e53004c9428730b1537f1c0d30a8' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7913586071155953
timing-allow-origin: https://www.pinterest.ca

POST
H2 204 /
www.pinterest.ca/_/_/csp_report/ Frame C103 0
4 KB 100ms
99ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.ca/_/_/csp_report/?reportonly

Requested by

Host: baf-fin.xyz
URL: https://baf-fin.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-4cae45a422e3fd29a264f86c83854756' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7143270525780413; frame-ancestors 'self' , script-src 'nonce-4cae45a422e3fd29a264f86c83854756' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7143270525780413
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a03a5e5
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-4cae45a422e3fd29a264f86c83854756' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 74
x-pinterest-rid: 7143270525780413
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 19:07:37 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: 94487bb
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-4cae45a422e3fd29a264f86c83854756' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-ca.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7143270525780413; frame-ancestors 'self' , script-src 'nonce-4cae45a422e3fd29a264f86c83854756' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7143270525780413
timing-allow-origin: https://www.pinterest.ca

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 8 KB
8 KB 12ms
11ms XHR
video/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=1049961&dur=15.014&lmt=1635750834112399&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgR4mXPcyPjf9kNqw8JFSkeeiKhG75WednvsBSCrENLOUCIEjCUgEtL131VnQinhxf0qfGJXtoeT1KJVZLNOmYoL4L&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&mh=PR&mm=29&mn=sn-t0a7ln7d&ms=rdu&mt=1644865493&mv=m&mvi=5&pl=32&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgRH2FwyA9O2aGmp-qo1HvAMdrBaXmoL-S35evWQ3bYPcCIEygFb_CO4kA668p-K8lGONrHy74tQALRjL475HAMHKl&range=358797-367040&rn=8&rbuf=5219

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

de8e99451a4c87e214d017efa78867d0bb36f386513969fc080c3a84235f5923

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:36 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8244
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 14 Feb 2022 19:07:36 GMT

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 287 KB
287 KB 11ms
11ms XHR
video/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=1049961&dur=15.014&lmt=1635750834112399&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgR4mXPcyPjf9kNqw8JFSkeeiKhG75WednvsBSCrENLOUCIEjCUgEtL131VnQinhxf0qfGJXtoeT1KJVZLNOmYoL4L&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&mh=PR&mm=29&mn=sn-t0a7ln7d&ms=rdu&mt=1644865493&mv=m&mvi=5&pl=32&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgRH2FwyA9O2aGmp-qo1HvAMdrBaXmoL-S35evWQ3bYPcCIEygFb_CO4kA668p-K8lGONrHy74tQALRjL475HAMHKl&range=367041-661227&rn=9&rbuf=5339

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cf60af051dd971bc612d98fc98532a13ae159421f11277045ea230757fa135ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 294187
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 14 Feb 2022 19:07:37 GMT

POST
H2 200 bpsJ1cpJQP Show response
api.userway.org/api/tunings/ 2 KB
2 KB 251ms
85ms XHR
application/json 54.186.207.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/bpsJ1cpJQP
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.207.31 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-207-31.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b35294fe2026658b9ad289c423eca92c288cc284de29f13b2a2c622bdd0514fd

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
etag: W/"6e5-6JsAKMOOsLuCZnMFGvcllbnvCp0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 1765
x-service-version: uw-pr

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 269 B
295 B 79ms
79ms XHR
video/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=1880799&dur=15.014&lmt=1635750834632123&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgb5Mn2rWL-6oCVPwpT5GCqs_XF30cR-Hy_orjreg_dikCIGPdDqyjbeltXv-zBYJVl_lkJYVs9_7A8OtY5tor0Pk7&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&mh=PR&mm=29&mn=sn-t0a7ln7d&ms=rdu&mt=1644865493&mv=m&mvi=5&pl=32&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOO0TJniM7hKGn98vRfMx4yrQC7GblIpf4cM-rrEBP9mAiEAzdq6ZDnS-KO9w9omo7ehVLrlejqjyDGJNuwKrxTi5Qo%3D&range=0-268&rn=10&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5c10eb767efb82342c06763f8c90afbb4a98469528981db1c9a7cfafab862089

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 14 Feb 2022 19:07:37 GMT

GET
H2 200 apps.bundle.js Show response
swymv3free-01.azureedge.net/code/v3/ 206 KB
55 KB 19ms
18ms Script
application/javascript 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://swymv3free-01.azureedge.net/code/v3/apps.bundle.js?v=3.0.13
Requested by: Host: swymv3free-01.azureedge.net
URL: https://swymv3free-01.azureedge.net/code/swym-shopify.js?shop=baffin-inc.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 83ecad4e4f6489d21f59992a4ec2a80f7e59549a3f7405d5a77e1f3562f6074d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
x-azure-ref-originshield: 0OhsKYgAAAADMM8dGTU3kSqBtuzXYjiN7RVdSMzBFREdFMDUxOQBmZjkzODEwYi0zMTZmLTQzYmYtOTUyYS1hZDUxMGIyNmJmNDE=
content-md5: LxBvExJ/DGMwIYX1kmKtUg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 11 Feb 2022 09:03:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9ED3D6A0903C6
x-azure-ref: 0eagKYgAAAABi+92dZLQNSb1DNOrPkgNDWVRPMDFFREdFMDYyMQBmZjkzODEwYi0zMTZmLTQzYmYtOTUyYS1hZDUxMGIyNmJmNDE=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ccb79f72-a01e-0064-7f81-216e75000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19

GET
H2 200 2TIXCSBXGRG6FFDNARQPOD Show response
d.adroll.com/consent/check/ 387 B
857 B 118ms
24ms Script
application/javascript 34.226.254.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2TIXCSBXGRG6FFDNARQPOD?arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&_s=1200f9649bfb297acf93469714274880&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/2TIXCSBXGRG6FFDNARQPOD/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.254.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-117.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 1bc054403b1bed1405ae766b29685b74460ad7c4ed040701a27c9f12fe233651

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 387
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H3 404 cart.js Show response
baf-fin.xyz/ 371 B
779 B 18ms
18ms XHR
text/html 2606:4700:3037::6815:582
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baf-fin.xyz/cart.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pej%2F1p3Gcihj1%2F%2BBVGB8vkZLuIn7tMK%2FKxmXXPo3byoGmycpeQuZqrvqaekvE8HVPgWbN%2BTURMdmKVfOpN1lgsMRtv2rpRMKfwBCwgjQ2AVPRnJMybaTH8IB1qCDJAkT2mTVaomhHgSaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6dd894965ed07133-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendors~legacy_widget~modern_widget-9b43b441411518f2a8e8.chunk.js Show response
assets.privy.com/packs/js/ 39 KB
12 KB 39ms
24ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/vendors~legacy_widget~modern_widget-9b43b441411518f2a8e8.chunk.js

Requested by

Host: shopify.privy.com
URL: https://shopify.privy.com/widget.js?shop=baffin-inc.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c170980918a868418e987ba0be556132c10c25f3e013abcbc7c09a1e026dbb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
via: 1.1 vegur, 1.1 be2bc6f826ea9bebe879d48a50a29432.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 1171
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 12515
last-modified: Mon, 14 Feb 2022 18:27:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
cf-ray: 6dd894967d3e4bcb-YUL
x-amz-cf-id: letWfIossQs1THGX7tHfpClX4xeN6fOqCnfzaM84Fb9r3epCTuMUnw==

GET
H2 200 vendors~legacy_widget-9462af9750603d07a1c7.chunk.js Show response
assets.privy.com/packs/js/ 107 KB
36 KB 35ms
21ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/vendors~legacy_widget-9462af9750603d07a1c7.chunk.js

Requested by

Host: shopify.privy.com
URL: https://shopify.privy.com/widget.js?shop=baffin-inc.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b131ba082aafd05f5a404767886886bc5830afa410a4cdee0e8a03c00613da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
via: 1.1 vegur, 1.1 890550823a9a161b47289586a4b1b944.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 2100
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 36739
last-modified: Mon, 14 Feb 2022 18:27:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
cf-ray: 6dd894967d394bcb-YUL
x-amz-cf-id: vMQceIsY0eeDYhuydTbBkyjILmahRpHQw9cTqq9rmW2JcF-jRsjITA==

GET
H2 200 legacy_widget-576987fe276c68db192c.chunk.js Show response
assets.privy.com/packs/js/ 234 KB
61 KB 36ms
22ms Script
application/javascript 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/legacy_widget-576987fe276c68db192c.chunk.js

Requested by

Host: shopify.privy.com
URL: https://shopify.privy.com/widget.js?shop=baffin-inc.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80a7f5318222e62167b767d3ab5e994556a55c52bba0761ca774bba52bbe7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
via: 1.1 vegur, 1.1 483c6b691461cafe6d23d15d609dc486.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 2100
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 61848
last-modified: Mon, 14 Feb 2022 18:27:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: YUL62-C1
accept-ranges: bytes
cf-ray: 6dd894967d3c4bcb-YUL
x-amz-cf-id: XrJ2D9_n_sl5-XTjgUDccchA8dU6ydLMjRr2rSmjGtYHSZPPTiGNzg==

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 118 KB
118 KB 11ms
11ms XHR
audio/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

aba2b2c326918e25082af81c4c8aadf8e948c712f2eca834c2acb7e195a0d9a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121279
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:51 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 14 Feb 2022 19:07:37 GMT

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame C573 0
20 B 39ms
38ms Ping
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=mmqxx-5TpZoqv1Ou&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082661%2C24135310%2C24166123%2C24167177&cl=427307184&seq=2&docid=KfsCaZROU8Q&ei=eKgKYqyMEouJ_9EPkriAoAw&event=streamingstats&plid=AAXX_yEl_vL0fnsp&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKfsCaZROU8Q%3Fshowinfo%3D0%26controls%3D0%26fs%3D0%26rel%3D0%26height%3D100%2525%26width%3D100%2525%26iv_load_policy%3D3%26html5%3D1%26loop%3D1%26playsinline%3D1%26modestbranding%3D1%26disablekb%3D1%26origin%3Dhttps%253A%252F%252Fbaf-fin.xyz%26enablejsapi%3D1%26widgetid%3D1&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220208.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.689:0.008,1.206:0.485&vps=0.689:PL,1.206:PL,1.206:PL&user_intent=0&vfs=1.206:247:247:244:r&view=1.206:1600:1200&bwm=1.206:917402:2.024&bwe=1.206:830622&bat=1.206:1:1&bh=1.206:7.374&df=1.206:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr5---sn-t0a7ln7d.googlevideo.com/ Frame C573 720 KB
720 KB 11ms
11ms XHR
video/webm 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1644887256&ei=eKgKYqyMEouJ_9EPkriAoAw&ip=2607%3A5300%3A60%3A7867%3A%3A10&id=o-AOKqui5UmtetCL1S9povuuMw0KFJ-U7WznVCBLE44AHv&itag=247&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=AP0AkcA5rnDZmFCbjj310N0G&gir=yes&clen=1880799&dur=15.014&lmt=1635750834632123&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=MN3gkQacOl6Z4w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&alr=yes&sig=AOq0QJ8wRAIgb5Mn2rWL-6oCVPwpT5GCqs_XF30cR-Hy_orjreg_dikCIGPdDqyjbeltXv-zBYJVl_lkJYVs9_7A8OtY5tor0Pk7&cpn=mmqxx-5TpZoqv1Ou&cver=1.20220208.01.00&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&mh=PR&mm=29&mn=sn-t0a7ln7d&ms=rdu&mt=1644865493&mv=m&mvi=5&pl=32&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAOO0TJniM7hKGn98vRfMx4yrQC7GblIpf4cM-rrEBP9mAiEAzdq6ZDnS-KO9w9omo7ehVLrlejqjyDGJNuwKrxTi5Qo%3D&range=1143299-1880798&rn=12&rbuf=10310

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cb1da281a5791a4688cd7e69369a4ad684e70ba52a5c4c0c4216e50e28fc7cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 737500
client-protocol: quic
last-modified: Mon, 01 Nov 2021 07:13:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 14 Feb 2022 19:07:37 GMT

POST
H2 200 collect Show response
events.privy.com/v2/ 0
121 B 65ms
51ms XHR
text/html 2606:4700:10::ac43:246a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.privy.com/v2/collect

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:246a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-ray: 6dd894981edcca6f-YUL
date: Mon, 14 Feb 2022 19:07:37 GMT
access-control-request-method: *
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
via: 1.1 vegur
x-request-id: acb54575-9f08-42da-8641-f869d9bcc2a3

GET
H2 200 widget-e8dc59dd3f82b950d9b23b5cdd873a42551700081b572534a6f595c55bd15125.css
assets.privy.com/assets/ 244 KB
25 KB 19ms
18ms Stylesheet
text/css 2606:4700:10::6816:156c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/assets/widget-e8dc59dd3f82b950d9b23b5cdd873a42551700081b572534a6f595c55bd15125.css

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/legacy_widget-576987fe276c68db192c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:156c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d258eccb44527059bf2fa6efc2b4db66ae17b5b5b88b7291a0b4769dc2fcd7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
via: 1.1 vegur, 1.1 bb784f1db0a47d55a8953c84e49cfa35.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
cf-cache-status: HIT
age: 2451
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 25070
last-modified: Mon, 13 Dec 2021 21:48:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
cf-ray: 6dd89498a86e4bcb-YUL
x-amz-cf-id: _R8G4GU5Nlf10SrK0-KSSiAG9j4w8cYIAxyzX8HSI8UaCqPeX9gEoA==

GET
H2

200

collect
google-analytics.com/
Redirect Chain

https://privymktg.com/collect?v=1&cid=b13c46f8-2a43-43e0-9c50-a2510707d092&cd1=5511C7149F629EADDFF0ED42&tid=UA-20331028-1&t=pageview&ci=5511C7149F629EADDFF0ED42&cm=web&cn=5511C7149F629EADDFF0ED42&e...
https://google-analytics.com/collect?v=1&cid=b13c46f8-2a43-43e0-9c50-a2510707d092&cd1=5511C7149F629EADDFF0ED42&tid=UA-20331028-1&t=pageview&ci=5511C7149F629EADDFF0ED42&cm=web&cn=5511C7149F629EADDFF...

35 B
393 B

74ms
19ms

Image
image/gif

2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://google-analytics.com/collect?v=1&cid=b13c46f8-2a43-43e0-9c50-a2510707d092&cd1=5511C7149F629EADDFF0ED42&tid=UA-20331028-1&t=pageview&ci=5511C7149F629EADDFF0ED42&cm=web&cn=5511C7149F629EADDFF0ED42&ec=widget&dl=https%3A%2F%2Fbaf-fin.xyz%2F&dt=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&ul=en-US&z=8106163910451931

Protocol

Server

2607:f8b0:4006:820::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 19:54:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83568
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 14 Feb 2022 19:07:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66582kUvGTG8GMwyZZd%2F4U0VRbs6VVBNDQD1abmZeetWY0U2dOTRHskR5B8nlcEHxiFPhupBaYn%2Byz1SM5KIJ7%2FOvwNAplxsiItIUjNUTLW9GEuE9BZ8KtdY3yPft7meNnnnGDbR0IePUlIv"}],"group":"cf-nel","max_age":604800}
location: https://google-analytics.com/collect?v=1&cid=b13c46f8-2a43-43e0-9c50-a2510707d092&cd1=5511C7149F629EADDFF0ED42&tid=UA-20331028-1&t=pageview&ci=5511C7149F629EADDFF0ED42&cm=web&cn=5511C7149F629EADDFF0ED42&ec=widget&dl=https%3A%2F%2Fbaf-fin.xyz%2F&dt=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&ul=en-US&z=8106163910451931
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6dd89498ef95ca6f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 secondaryStyles.js Show response
swymv3free-01.azureedge.net/code/v3/ 38 KB
5 KB 18ms
18ms Script
application/javascript 2620:1ec:46::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://swymv3free-01.azureedge.net/code/v3/secondaryStyles.js?v=3.0.13
Requested by: Host: swymv3free-01.azureedge.net
URL: https://swymv3free-01.azureedge.net/code/v3/apps.bundle.js?v=3.0.13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::40 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9d75f5810616619332082a32e306df4fbe31d6f8a48e5d866f38628f7204f54c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 14 Feb 2022 19:07:36 GMT
content-encoding: br
x-azure-ref-originshield: 0RhsKYgAAAADlaPJd4O4pQ4NMqhQpg9KTRVdSMzBFREdFMDUxNABmZjkzODEwYi0zMTZmLTQzYmYtOTUyYS1hZDUxMGIyNmJmNDE=
content-md5: QWaS5piedbFcDZ6R79g9Mw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Fri, 11 Feb 2022 09:03:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9ED3D6A6E1F88
x-azure-ref: 0eagKYgAAAABKYYfpMIvJQL/UDbmkyPdhWVRPMDFFREdFMDYyMQBmZjkzODEwYi0zMTZmLTQzYmYtOTUyYS1hZDUxMGIyNmJmNDE=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bef76c06-401e-006c-6d81-21747a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 54E5 13 KB
5 KB 77ms
26ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=baf-fin.xyz&origin=onetag&gdpr=0&gdpr_consent=null

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2966
date: Mon, 14 Feb 2022 19:07:37 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK onsiteloader.js Show response
s.adroll.com/onsite_personalization/production/0.1/loader/ 2 KB
2 KB 19ms
19ms Script
application/javascript 2600:9000:2120:ce00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/2TIXCSBXGRG6FFDNARQPOD/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ce00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: jCG0Y9XUUOQKBmsnFB0TVFtRkjlhb5c.
Content-Encoding: gzip
Etag: W/"73534cc70057d4d96ec3c5a56ad5d4ef"
X-Amz-Cf-Pop: EWR52-C4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Mon, 14 Feb 2022 19:07:38 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Dltj5AFvCV8OHtDIeCrTy48D30fL2wVNncc2Hy2uG3yvtuo5FDq5Ng==

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 11 KB
4 KB 34ms
18ms Script
text/javascript 2600:9000:2120:ce00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/2TIXCSBXGRG6FFDNARQPOD/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ce00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: sBWSZHkFa7pjM3czAoACEH9Nk3RE73jm
Content-Encoding: gzip
Etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
Age: 2133
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
Last-Modified: Fri, 11 Feb 2022 15:05:57 GMT
Server: AmazonS3
Date: Mon, 14 Feb 2022 18:32:10 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR52-C4
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: A2EWMp8iiISYXcNfqOQnJYs8hn0QOZva57DvxxYezW7XslQ2kTjPhA==

GET
H2 200 R7IUSZNLAVDX5BDARFCZKX Show response
d.adroll.com/segment/2TIXCSBXGRG6FFDNARQPOD/ 42 B
928 B 24ms
23ms XHR
image/gif 34.226.254.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/2TIXCSBXGRG6FFDNARQPOD/R7IUSZNLAVDX5BDARFCZKX?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&pv=52695641647.617195&cookie=&adroll_s_ref=&keyw=&adroll_external_data=&adroll_version=2.0
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.254.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-117.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-pixel-eid: R7IUSZNLAVDX5BDARFCZKX
date: Mon, 14 Feb 2022 19:07:37 GMT
x-advertisable-eid: 2TIXCSBXGRG6FFDNARQPOD
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.20.0
x-rule: *
x-segment-eid: OFOLVIZ7ERFHHLA3Q6QIQB
content-type: image/gif
access-control-allow-origin: https://baf-fin.xyz
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-segment-name: *
access-control-allow-headers: *
x-conversion-currency

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expiration=1676401657
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expiration=1676401657&C=1

43 B
1 KB

50ms
50ms

Image
image/gif

23.221.203.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expiration=1676401657&C=1
Protocol: HTTP/1.1
Server: 23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-203-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 19:07:38 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 14 Feb 2022 19:07:38 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 19:07:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expiration=1676401657&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 14 Feb 2022 19:07:38 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expires=365

42 B
799 B

101ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expires=365
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&expires=365
pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/onevideo/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD
https://pixel.advertising.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP603aec86-8dc9-11ec-88cc-0a...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP603aec86-8dc9-11ec-88cc-0a...

0
122 B

27ms
27ms

Image
text/plain

52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP603aec86-8dc9-11ec-88cc-0a77597fca49&verify=true

Protocol

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:38 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP603aec86-8dc9-11ec-88cc-0a77597fca49&verify=true
date: Mon, 14 Feb 2022 19:07:38 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ

0
477 B

99ms
20ms

Image
text/plain

70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ
Protocol: HTTP/1.1
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 19:07:38 GMT
Cache-Control: no-cache
X-TraceId: 43f472135802905dfe9dc0435b3813e2
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ
pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
589 B

327ms
81ms

Image
image/gif

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:37 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug019:0:440
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
194 B

103ms
29ms

Image
text/plain

2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:38 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ

0
222 B

77ms
18ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17265

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ
pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&advertisable=2TIXCSBXGRG6FFDNARQPOD
https://eb2.3lift.com/xuid?mid=4714&xuid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

32ms
32ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 14 Feb 2022 19:07:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
d.adroll.com/uev/2TIXCSBXGRG6FFDNARQPOD/R7IUSZNLAVDX5BDARFCZKX/ 2 B
594 B 46ms
45ms Image
text/plain 34.226.254.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/uev/2TIXCSBXGRG6FFDNARQPOD/R7IUSZNLAVDX5BDARFCZKX/?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&event_name=homeView&adroll_version=2.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.254.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-117.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
x-conversion-value
content-type: text/plain
server: nginx/1.20.0
date: Mon, 14 Feb 2022 19:07:37 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-event-name: homeView
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: R7IUSZNLAVDX5BDARFCZKX
x-event-attributes
x-advertisable-eid: 2TIXCSBXGRG6FFDNARQPOD
content-length: 2
x-conversion-currency

GET
H2 200 /
d.adroll.com/uev/2TIXCSBXGRG6FFDNARQPOD/R7IUSZNLAVDX5BDARFCZKX/ 2 B
596 B 45ms
45ms Image
text/plain 34.226.254.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/uev/2TIXCSBXGRG6FFDNARQPOD/R7IUSZNLAVDX5BDARFCZKX/?adroll_fpc=c9136df4ece8a25c4989e63ab1840912-1644865657769&arrfrr=https%3A%2F%2Fbaf-fin.xyz%2F&event_name=productView&adroll_version=2.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.254.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-117.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
x-conversion-value
content-type: text/plain
server: nginx/1.20.0
date: Mon, 14 Feb 2022 19:07:37 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-event-name: productView
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: R7IUSZNLAVDX5BDARFCZKX
x-event-attributes
x-advertisable-eid: 2TIXCSBXGRG6FFDNARQPOD
content-length: 2
x-conversion-currency

GET
H2 200 remediation_1644329375050.js Show response
cdn.userway.org/widgetapp/2022-02-08/remediation/ 144 KB
35 KB 59ms
58ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-02-08/remediation/remediation_1644329375050.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-02-08/widget_app_base_1644329375050.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a504fc82e27bb51fa7b227007629478acb1390a7331d7797efcb584fb7805501

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 19:07:37 GMT
via: 1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
x-77-nzt-ray: 57ICimV4e4k=
x-amz-cf-pop: EWR53-P1
x-77-cache: HIT
x-cache: HIT
x-age: 535332
content-encoding: br
x-77-nzt: AZySJBak5tX/JCsIAA==
x-accel-expires: @1670250325
last-modified: Tue, 08 Feb 2022 14:10:52 GMT
server: CDN77-Turbo
etag: W/"ac7cd6ab46463b6509093ae033363837"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-id: 1HEIg0QYq2qiE2d9y2AlBk3wcdnZAAB0pkQW4m0plW7Ew9TSodvjKw==

GET
H2 200 PdrOkWdOXZwnzASn.json Show response
cdn.userway.org/remediations/consolidated/1331632/ 982 KB
68 KB 109ms
36ms XHR
application/json 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1331632/PdrOkWdOXZwnzASn.json
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5fa462dc614affcfe1f33c3802537ed109294c49994de10ff1a4566f5078712b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 19:07:38 GMT
via: 1.1 4208b3c43704306e2eddbba95ee93dc5.cloudfront.net (CloudFront)
etag: W/"fb5a3221b44a07c90330c2a1bf514941"
age: 56
x-77-cache: HIT
x-cache: HIT
x-age: 4161281
content-encoding: br
vary: Accept-Encoding, Origin
x-77-nzt: AZySJBbl+Jr/AX8/AA==
x-accel-expires: @1672240377
last-modified: Tue, 28 Dec 2021 15:11:38 GMT
server: CDN77-Turbo
x-77-nzt-ray: fNfMnJR36FU=
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: https://baf-fin.xyz
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
x-amz-cf-pop: YUL62-C1
x-amz-cf-id: ObRnIslc4k4eXjfMtziXJQxGpDnSDrIphIdC7dSjKmLW3E2W0casVA==

GET
H2 200 live_translations_1644329375050.js Show response
cdn.userway.org/widgetapp/2022-02-08/translations/ 7 KB
3 KB 44ms
44ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-02-08/translations/live_translations_1644329375050.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-02-08/widget_app_base_1644329375050.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cb902272a5ac5cfed85843d388731efcda7503fada97f19151ec9a440fe8cd75

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 19:07:38 GMT
via: 1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
x-77-nzt-ray: GqlVEzdKOCI=
age: 1
x-77-cache: HIT
x-cache: HIT
x-age: 535332
content-encoding: br
x-77-nzt: AZySJBasZL//JCsIAA==
x-accel-expires: @1670250326
last-modified: Tue, 08 Feb 2022 14:10:52 GMT
server: CDN77-Turbo
etag: W/"aebcd814b50958daf0752c8f6410470f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: Jla7lqqfzDtaqCNkaVv7Y9xgYZPM-rhKkBK-gA6LZlce5pjPj-wZoQ==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
940 B 44ms
43ms Image
image/svg+xml 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 19:07:38 GMT
via: 1.1 9edd97b808f35ec81d31fc57c74508ce.cloudfront.net (CloudFront)
x-77-nzt-ray: r0XhQwZTh7Y=
x-amz-cf-pop: YUL62-C1
x-edge-origin-shield-skipped: 0
x-cache: HIT
x-age: 11802110
content-encoding: br
x-77-nzt: AZySJBbnOvn//hW0AA==
x-accel-expires: @1658983548
last-modified: Thu, 30 Sep 2021 16:45:19 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-cache: HIT
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-id: 8_96-QStG-i0wNkFnmwbE8leHwG9EbkiCSZFhs68C2FonAKlGdrSyg==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
970 B 45ms
44ms Image
image/svg+xml 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 19:07:38 GMT
via: 1.1 2fe59031aaa28adeac35bcf3408ddadb.cloudfront.net (CloudFront)
x-77-nzt-ray: oVG1FpTXt8A=
age: 489384
x-77-cache: HIT
x-cache: HIT
x-age: 7380435
content-encoding: br
x-77-nzt: AZySJBZ/KEz/051wAA==
x-accel-expires: @1663405223
last-modified: Mon, 15 Nov 2021 12:37:32 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: YUL62-C1
x-amz-cf-id: bovQTUwBKwKYWfGlFDrV-n97AGNQpNPnkVhqqRrW0nNCmSuyNgkMkw==

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
567 B 143ms
103ms Ping
text/plain 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 19:07:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-us-central1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 336f7bfc-0917-4164-843c-1645c2c4e173
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://baf-fin.xyz
access-control-allow-credentials: true
cf-ray: 6dd8949d186e53e9-YYZ
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 31ms
31ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://baf-fin.xyz
date: Mon, 14 Feb 2022 19:07:38 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
465 B 64ms
37ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Teko:wght@500;600&display=swap

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/vendors~legacy_widget~modern_widget-9b43b441411518f2a8e8.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd75a46cf1dba42cdb6a5d40390b349e954f62a0b4d33e06b0076c51781b8fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 19:07:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 19:07:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 19:07:38 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
478 B 62ms
36ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Hind:wght@300;400&display=swap

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/vendors~legacy_widget~modern_widget-9b43b441411518f2a8e8.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbee8db91ddddd202d78add8c1fb28e0d291241ba1a15eaad72802cdad9e652b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 19:07:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 19:07:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 19:07:38 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C573 28 B
51 B 44ms
43ms XHR
application/json 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20220208.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZSGFLOEI2SFRUOCj30KqQBg%3D%3D
X-YouTube-Ad-Signals: dt=1644865656034&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 14 Feb 2022 19:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 54E5
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=baf-fin.xyz&sn=ChromeSyncframe&so=0&topUrl=baf-fin.xyz&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=yB8xwHxzZWtCR2s5WnN4dUZlL2JmeFU0N0dwZzVMck4xdDh2YkRUNklRcTRTUm9Velk4WjkrTmVKUWtlanVoTTdIQ2xocTIyNTdid0k3Z0k3LzROTENLY25uUUJMNys1ZU9Zbm8rQTAyaEtNaTFFa25KZGI3UjNzU2hzdF...

419 B
623 B

185ms
27ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yB8xwHxzZWtCR2s5WnN4dUZlL2JmeFU0N0dwZzVMck4xdDh2YkRUNklRcTRTUm9Velk4WjkrTmVKUWtlanVoTTdIQ2xocTIyNTdid0k3Z0k3LzROTENLY25uUUJMNys1ZU9Zbm8rQTAyaEtNaTFFa25KZGI3UjNzU2hzdFRyaHJhUENVUERzVkIwdGVFWHEyeldZWEd1cktmSTA3cm5jeFA1NzU5bHZRWlhQdHM3S0crSktveU5ndW4zU3YwWmpLM1lHRmJ5aUVkYy80ZlVXc0YzWG9QL1d6bmMxZkFJU2w0b0xsMjVYN3lJMUxVSWE1eHZjcEV0NkFaaGE4Z1RpWWYwL2Ivc04yK0VYTjR5QUpnVmVvUGxVUm5VQT09fA&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=baf-fin.xyz&origin=onetag&gdpr=0&gdpr_consent=null

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

4274a7adcfc5e20127b323482cf85588e6a29b541edf5b1be3dcc51d982d90e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:38 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5959
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:37 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=yB8xwHxzZWtCR2s5WnN4dUZlL2JmeFU0N0dwZzVMck4xdDh2YkRUNklRcTRTUm9Velk4WjkrTmVKUWtlanVoTTdIQ2xocTIyNTdid0k3Z0k3LzROTENLY25uUUJMNys1ZU9Zbm8rQTAyaEtNaTFFa25KZGI3UjNzU2hzdFRyaHJhUENVUERzVkIwdGVFWHEyeldZWEd1cktmSTA3cm5jeFA1NzU5bHZRWlhQdHM3S0crSktveU5ndW4zU3YwWmpLM1lHRmJ5aUVkYy80ZlVXc0YzWG9QL1d6bmMxZkFJU2w0b0xsMjVYN3lJMUxVSWE1eHZjcEV0NkFaaGE4Z1RpWWYwL2Ivc04yK0VYTjR5QUpnVmVvUGxVUm5VQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1858
content-length: 541
expires: 0

GET
H/1.1 200
OK main.39c29e42.js Show response
s.adroll.com/onsite_personalization/production/0.1/static/js/ 336 KB
100 KB 55ms
19ms Script
application/javascript 2600:9000:2120:ce00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/js/main.39c29e42.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ce00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f

Request headers

Referer: https://baf-fin.xyz/
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 23:14:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 71604
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 22 Dec 2021 19:15:34 GMT
Server: AmazonS3
Etag: W/"86fbdc8ff56a043dffe520cd42b1e7b9"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
X-Amz-Version-Id: VbMgk_gXghimoZRhj6QFui2WfE6aoopb
Via: 1.1 00a6901a148285ca8b56f0d0c1104a48.cloudfront.net (CloudFront)
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR52-C4
Content-Type: application/javascript
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: RtZL4_UCLnFOJI4cOmAZLfI_Q_loXEac-34k7Nf18bdhmRgIZWdg5Q==

GET
H/1.1 200
OK main.2a90a3dd.css
s.adroll.com/onsite_personalization/production/0.1/static/css/ 25 KB
4 KB 20ms
19ms Stylesheet
text/css 2600:9000:2120:ce00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/0.1/static/css/main.2a90a3dd.css
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/onsite_personalization/production/0.1/loader/onsiteloader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ce00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: stG5rI47SkR3xxZTGnejIIBdHw6mvWlq
Content-Encoding: gzip
Etag: W/"3b96be16936102d8935969d4c53c212f"
X-Amz-Cf-Pop: EWR52-C4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Thu, 09 Dec 2021 21:03:21 GMT
Server: AmazonS3
Date: Mon, 14 Feb 2022 19:07:38 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _wDYeC_GfMJqbnZwwK0y3eIpKr14KtpEDcyUSHNXbb0kKJF5akhPwg==

GET
H3 200 2318933541705492 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 89ms
89ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2318933541705492?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56a8bdd173f1b7a4df36f5412234960e646f3ee025a744ebee12891d174ce3c1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: K0B2JNr9hezmYz0VNL52Qttnv7+0xsmvgo43zQTDVVNEyAMI4T796R10Pp91Ku7taJJjJ3epOb+47irIEXxjCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Feb 2022 19:07:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b623ddc0ffdd2d29de3f2c10690bf1c7c33e39b317dcb538ddf6e6f6091cd483

Request headers

Referer
Origin: https://baf-fin.xyz
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 mega_menu_helper1644329375050.js Show response
cdn.userway.org/widgetapp/2022-02-08/remediation/ 6 KB
2 KB 44ms
44ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-02-08/remediation/mega_menu_helper1644329375050.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-02-08/widget_app_base_1644329375050.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b858fbf1c94720a10efd051bb77913405aa0413edc6497ecbbdcdc0dcc768720

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 19:07:38 GMT
via: 1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-77-nzt-ray: HviGh763JF4=
age: 1
x-77-cache: HIT
x-cache: HIT
x-age: 535331
content-encoding: br
x-77-nzt: AZySJBbIOLT/IysIAA==
x-accel-expires: @1670250327
last-modified: Tue, 08 Feb 2022 14:10:52 GMT
server: CDN77-Turbo
etag: W/"35e9e94b529d2837ad3efd774c7b968a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: vvOFKfka8-_RKdK6SwLTKbxIiJCTpQ5qmaLvkmR9-UxM_I9AtN3cDg==

GET
H2 200 yotpo_widget_1644329375050.js Show response
cdn.userway.org/widgetapp/2022-02-08/remediation/ 2 KB
1 KB 44ms
44ms Script
application/javascript 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-02-08/remediation/yotpo_widget_1644329375050.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-02-08/widget_app_base_1644329375050.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 188b80ab89ee038827797480799fd00d0ba0f19ffa5dbcf613d7ce2c6655e448

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 14 Feb 2022 19:07:38 GMT
via: 1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
x-77-nzt-ray: DouPgIwXnB8=
age: 5
x-77-cache: HIT
x-cache: HIT
x-age: 535327
content-encoding: br
x-77-nzt: AZySJBalJjz/HysIAA==
x-accel-expires: @1670250331
last-modified: Tue, 08 Feb 2022 14:10:52 GMT
server: CDN77-Turbo
etag: W/"8790c752468f4f779e1f6e7e40028043"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: m4zK9JTyj1DKNi5YSQNkzokybpe28IQDKPV9t0PYvjXEr6DJ4kAoNA==

GET
H2 200 search_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 1004 B
1 KB 11ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/search_small.png?v=5183730473030594921

Requested by

Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-02-08/remediation/remediation_1644329375050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

83e5e3bbfe16160efd0b73627d1de0eb0b50e5373644f4594043a8cf6eb2b6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.152,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 1004
x-xss-protection: 1; mode=block
x-request-id: a0c6001f1dab3f4941647e02221f8bd2
x-served-by: cache-lga21956-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865659.750533,VS0,VE0
date: Mon, 14 Feb 2022 19:07:38 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/search_small.png>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 account_small.png
cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/ 1002 B
1 KB 11ms
10ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/account_small.png?v=6601223193476409940

Requested by

Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-02-08/remediation/remediation_1644329375050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12834-YUL /

Resource Hash

ce832ec8cd46f7bec9f6212e9119cbfc4d3083f164486548691e3048dc713d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.095,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 1002
x-xss-protection: 1; mode=block
x-request-id: 265c0177aa9565d2d368ba97e783804f
x-served-by: cache-lga21936-LGA, cache-yul12834-YUL
server: cache-yul12834-YUL
x-timer: S1644865659.751022,VS0,VE0
date: Mon, 14 Feb 2022 19:07:38 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0023/0657/2339/t/99/assets/account_small.png>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 204 0
bat.bing.com/action/ 0
119 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17527110&Ver=2&mid=f4f75f66-148f-485d-ab02-9a8fde32c03d&sid=5e920f208dc911ecb7076f72df94941a&vid=5e9266c08dc911ec9fac27de5da2eb1f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Baffin%20Boots%20%26%20Footwear%20%7C%20Born%20in%20the%20North%20%2779%20%E2%80%93%20Baffin%20-%20Born%20in%20the%20North%20%2779&p=https%3A%2F%2Fbaf-fin.xyz%2F&r=&lt=1409&evt=pageLoad&msclkid=N&sv=1&rn=559463
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FDFE435604644E19A032A95987790F02 Ref B: YTO01EDGE0820 Ref C: 2022-02-14T19:07:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
97 B 34ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17527110&Ver=2&mid=f4f75f66-148f-485d-ab02-9a8fde32c03d&sid=5e920f208dc911ecb7076f72df94941a&vid=5e9266c08dc911ec9fac27de5da2eb1f&vids=0&pagetype=home&en=Y&evt=custom&msclkid=N&rn=391050
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CCC73DA97B4947D2944E7ABECF4981C5 Ref B: YTO01EDGE0820 Ref C: 2022-02-14T19:07:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK no_builder_customizations.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/2TIXCSBXGRG6FFDNARQPOD/ 2 B
752 B 316ms
316ms XHR
binary/octet-stream 2600:9000:2120:ce00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/2TIXCSBXGRG6FFDNARQPOD/no_builder_customizations.json
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ce00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: QbdLURsJZb2AwBZ9gFMPXmaSDkY_L0SV
Via: 1.1 00a6901a148285ca8b56f0d0c1104a48.cloudfront.net (CloudFront)
Etag: "99914b932bd37a50b983c5e7c90ae93b"
X-Amz-Cf-Pop: EWR52-C4
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 2
Last-Modified: Tue, 07 Sep 2021 05:54:11 GMT
Server: AmazonS3
Date: Mon, 14 Feb 2022 19:07:40 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: NPQVPiEiqJfy_PyUzrCCdHtEQYPX7W_7ArLO6t4rqIlpWjdRzB2MiQ==

GET
H/1.1 200
OK config.json Show response
s.adroll.com/onsite_personalization/production/advertiser-personalizations/2TIXCSBXGRG6FFDNARQPOD/ 2 KB
2 KB 145ms
109ms XHR
binary/octet-stream 2600:9000:2120:ce00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/onsite_personalization/production/advertiser-personalizations/2TIXCSBXGRG6FFDNARQPOD/config.json
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:ce00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eee8d47515575b82ed7d5adfcd38f397822ad296fed60b3d71f630435b376e5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Amz-Version-Id: 8pRY3sFtReoa4czjfxj43P6mqUIYJGLx
Via: 1.1 6265ab4d72053dc7cb93b359f1255480.cloudfront.net (CloudFront)
Etag: "c448a13ceb4be109469eb88896eb4996"
X-Amz-Cf-Pop: EWR52-C4
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 1702
Last-Modified: Tue, 07 Sep 2021 05:54:10 GMT
Server: AmazonS3
Date: Mon, 14 Feb 2022 19:07:39 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fJaRpmJOjBW1unGjQmOmxojoosBnFWktDV0M5D37ldf1QqXrQv3yYA==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2318933541705492&ev=PageView&dl=https%3A%2F%2Fbaf-fin.xyz%2F&rl=&if=false&ts=1644865658891&cd[segment_eid]=OFOLVIZ7ERFHHLA3Q6QIQB&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=29&fbp=fb.1.1644865655296.153488880&it=1644865654581&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 14 Feb 2022 19:07:38 GMT

GET
H2 200 3009624906045363 Show response
api.userway.org/api/remediation/moderation/by-page/1331632/ 3 KB
4 KB 80ms
80ms XHR
application/json 54.186.207.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/moderation/by-page/1331632/3009624906045363
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.207.31 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-207-31.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:39 GMT
etag: W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 3350
x-service-version: uw-pr

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=90222&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-mc&p3=e%3Ddis&adce=1&bundle=S1hR1F8wZW9xeEthcCUyRnlBa...
https://widget.us.criteo.com/event?a=90222&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-mc&p3=e%3Ddis&adce=1&bundle=S1hR1F8wZW9xeEthcCUyRnlBa...

7 KB
8 KB

207ms
39ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=90222&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-mc&p3=e%3Ddis&adce=1&bundle=S1hR1F8wZW9xeEthcCUyRnlBaERlQ2Rib2c0RXl4aE9Tc29jQUhUQ1Y0MGF2NWlNN1hyM0lNM3ZzUDBucWlWcVd0NXJGTVdqYXNOYnhvckVtamVEQTV0cjBJJTJCSjJTd3kxNGNNakpMQzJrbTJac3diZzRyN0ZmRWExUUU3b0dWZHdHdmdpbXhvaGlESTRPVVVYOWNMNVZxMjFqa1pRJTNEJTNE&tld=baf-fin.xyz&dy=1&dtycbr=42230&gra=0&grs=null&grv=2

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5438f5788f33be9bcc51c88528abe879d12d8b65079bb4b86d2c725861061c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:39 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15802813
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:38 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://widget.us.criteo.com/event?a=90222&v=5.8.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26z%3D&p2=e%3Dvh%26ecpplugin%3Dshopify-mc&p3=e%3Ddis&adce=1&bundle=S1hR1F8wZW9xeEthcCUyRnlBaERlQ2Rib2c0RXl4aE9Tc29jQUhUQ1Y0MGF2NWlNN1hyM0lNM3ZzUDBucWlWcVd0NXJGTVdqYXNOYnhvckVtamVEQTV0cjBJJTJCSjJTd3kxNGNNakpMQzJrbTJac3diZzRyN0ZmRWExUUU3b0dWZHdHdmdpbXhvaGlESTRPVVVYOWNMNVZxMjFqa1pRJTNEJTNE&tld=baf-fin.xyz&dy=1&dtycbr=42230&gra=0&grs=null&grv=2
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4311858
timing-allow-origin: *
content-length: 0
expires: 0

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 135ms
74ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://baf-fin.xyz
date: Mon, 14 Feb 2022 19:07:39 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3

200

397596.gif
idsync.rlcdn.com/ Frame 6B92
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=nf2WBZG2esKjEMAnXMFxa14UeqVGyirT

42 B
60 B

56ms
43ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=nf2WBZG2esKjEMAnXMFxa14UeqVGyirT
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 19:07:40 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=nf2WBZG2esKjEMAnXMFxa14UeqVGyirT
date: Mon, 14 Feb 2022 19:07:39 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3622
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
widget.us.criteo.com/dis/rtb/google/ Frame 6B92
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay0xM3Q4MjhSYkgtSW4yNW5VV0NUbXVxRzRuUXdQNnpPSTVoVW1nQQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
https://widget.us.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
368 B

23ms
23ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.us.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:39 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 90077
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://widget.us.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
date: Mon, 14 Feb 2022 19:07:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 683200
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame 6B92
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA&custom=&tag_format=img&tag_action=sync&custom=&cb=c6fa46ea-0d1a-4ee3-bcab-8f3007e...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=c6fa46ea-0d1a-4ee...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=f678d41e-42ed-48fc-947c-13a04b7f58ba&tag_format=img&tag_action=sync&cb=

0
590 B

41ms
40ms

Image
text/plain

3.224.160.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=f678d41e-42ed-48fc-947c-13a04b7f58ba&tag_format=img&tag_action=sync&cb=
Protocol: HTTP/1.1
Server: 3.224.160.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-160-131.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 19:07:40 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=f678d41e-42ed-48fc-947c-13a04b7f58ba&tag_format=img&tag_action=sync&cb=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2 400 362338.gif
idsync.rlcdn.com/ Frame 6B92 0
0 81ms
41ms Image
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA&ct=3&cv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 6B92
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d5781633-260d-4ccd-8f79-fe223c33f4ed%252C&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d5781633-260d-4ccd-8f79-fe223c33f4ed%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f678d41e-42ed-48fc-947c-13a04b7f58ba&ttd_puid=d5781633-260d-4ccd-8f79-fe223c33f4ed%2C

95 B
430 B

37ms
37ms

Image
image/png

107.178.246.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f678d41e-42ed-48fc-947c-13a04b7f58ba&ttd_puid=d5781633-260d-4ccd-8f79-fe223c33f4ed%2C

Protocol

Server

107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.246.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:40 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f678d41e-42ed-48fc-947c-13a04b7f58ba&ttd_puid=d5781633-260d-4ccd-8f79-fe223c33f4ed%2C
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 353

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 6B92 0
40 B 32ms
29ms Image
text/plain 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:39 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 6B92 43 B
717 B 70ms
22ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:39 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 14 Feb 2022 19:07:39 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 6B92 0
407 B 33ms
30ms Image
text/plain 52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-cwAa_sRbH-In25nUWCTmuqG4nQwxwWlaNO3xJw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:39 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 6B92 0
313 B 22ms
21ms Image
text/plain 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-OBgHSsRbH-In25nUWCTmuqG4nQxsWfAwbvFZvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 19:07:39 GMT
Cache-Control: no-cache
X-TraceId: 449bb837dce5c080f58bdd8cc360bc50
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 6B92 0
425 B 607ms
47ms Image
text/plain 23.198.216.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.216.120 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-216-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:40 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 14 Feb 2022 19:07:40 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 6B92 42 B
799 B 27ms
25ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-GHZJ3MRbH-In25nUWCTmuqG4nQzdDcb3kicPWA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8eb2d9eeed9b9c468975d0ba24565e5b
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 6B92
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-r2fQhcRbH-In25nUWCTmuqG4nQyI7sTokDl_3A&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-r2fQhcRbH-In25nUWCTmuqG4nQyI7sTokDl_3A%26seg%3D95287

43 B
1 KB

17ms
17ms

Image
image/gif

68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-r2fQhcRbH-In25nUWCTmuqG4nQyI7sTokDl_3A%26seg%3D95287

Protocol

HTTP/1.1

Server

68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 19:07:40 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 6db44def-263e-4ce2-ad58-2c97d0bc211f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 19:07:39 GMT
X-Proxy-Origin: 149.56.153.183; 149.56.153.183; 564.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: ef7aacb9-9e2d-4cdf-9793-1933965fe062
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-r2fQhcRbH-In25nUWCTmuqG4nQyI7sTokDl_3A%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame 6B92 170 B
601 B 239ms
191ms Image
image/png 34.102.166.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-ckuK58RbH-In25nUWCTmuqG4nQxIhnP7MNmP5Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:39 GMT
content-encoding: gzip
vary: accept-encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: image/png;charset=utf-8
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame 6B92 43 B
866 B 567ms
189ms Image
image/gif 124.146.215.46
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-phdz-8RbH-In25nUWCTmuqG4nQyu8dhr4zdPfg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.46 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-SO-Cluster-ID: 18
Date: Mon, 14 Feb 2022 19:07:40 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-phdz-8RbH-In25nUWCTmuqG4nQyu8dhr4zdPfg","cluster_id":18,"gdpr":false,"ipv4":"149.56.153.183","key":"YgqofMCo8YMAANeuGFYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad338"}
X-SO-Ads-Time: 5
X-SO-Key: YgqofMCo8YMAANeuGFYAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad338
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: m-ad338.dc4p.scaleout.jp
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-SO-LB-Hostname: m-tgng31.dc4p.scaleout.jp
X-SO-IP: 149.56.153.183

GET
H/1.1 200
OK sync
adgen.socdm.com/rtb/ Frame 6B92 43 B
827 B 702ms
200ms Image
image/gif 124.146.215.3
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 124.146.215.3 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-SO-Cluster-ID: 57
Date: Mon, 14 Feb 2022 19:07:40 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":57,"gdpr":false,"ipv4":"149.56.153.183","key":"YgqofMCo8HoAAPoJVa4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40129"}
X-SO-Ads-Time: 2
X-SO-Key: YgqofMCo8HoAAPoJVa4AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40129
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: a-ad40129.dc2p.scaleout.jp
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-SO-LB-Hostname: m-ng22.dc4p.scaleout.jp
X-SO-IP: 149.56.153.183

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6B92 42 B
676 B 251ms
27ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-18_8qcRbH-In25nUWCTmuqG4nQyDehFQbV-lgQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 13:33:51 GMT
cache-control: no-store, no-cache, private
x-lat: va2pug008:0:2931
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 /
cs.adingo.jp/sync/ Frame 6B92 43 B
414 B 84ms
25ms Image
image/gif 3.213.64.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-BXH7oMRbH-In25nUWCTmuqG4nQxu8pVUzVcQBw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.64.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-64-42.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:40 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 xuid
eb2.3lift.com/ Frame 6B92 37 B
354 B 28ms
27ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-siiVxcRbH-In25nUWCTmuqG4nQzX46vACKbEAA&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame 6B92 45 B
783 B 105ms
50ms Image
image/gif 23.52.167.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-4pbTssRbH-In25nUWCTmuqG4nQxw2JR-ruseXA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-167-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 14 Feb 2022 19:07:40 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 14 Feb 2022 19:07:40 GMT

GET
H2 200 /
sync.ad-stir.com/ Frame 6B92 43 B
455 B 581ms
186ms Image
image/gif 54.150.59.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=CRITEO&uid=k-xrWkucRbH-In25nUWCTmuqG4nQwDyJlaidmkIw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.59.174 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-59-174.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:40 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate
content-length: 43
expires: 0

GET
H/1.1 200
OK rum
r.casalemedia.com/ Frame 6B92 43 B
1 KB 150ms
45ms Image
image/gif 23.221.203.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-EwF8gMRbH-In25nUWCTmuqG4nQxcYRpcYrdv5Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.203.181 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-203-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 19:07:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 14 Feb 2022 19:07:40 GMT

GET
H2 204 pixel
adx.dable.io/ Frame 6B92 0
142 B 663ms
215ms Image
text/plain 3.34.78.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-7hks6MRbH-In25nUWCTmuqG4nQxxpBiz8nzbPg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.34.78.228 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-34-78-228.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:40 GMT
server: nginx

GET
H2 204 /
s.ad.smaato.net/c/ Frame 6B92 0
241 B 73ms
20ms Image
text/plain 2600:9000:20ed:3000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-cy21xMRbH-In25nUWCTmuqG4nQyLGwreif2ynA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:3000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:40 GMT
via: 1.1 cf88880413082302757828626cf7b020.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: PHL50-C1
x-amz-cf-id: OsOyQ4PabyebZt9JDLQbSpKsAg0RYv9BKcPZjwczVvZiLAHJeZWibw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 6B92
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-E-ljBcRbH-In25nUWCTmuqG4nQzv1iHq1Oeb1g&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E-ljBcRbH-In25nUWCTmuqG4nQzv1iHq1Oeb1g&expires=30&user_group=5

43 B
510 B

37ms
36ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E-ljBcRbH-In25nUWCTmuqG4nQzv1iHq1Oeb1g&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 19:07:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-E-ljBcRbH-In25nUWCTmuqG4nQzv1iHq1Oeb1g&expires=30&user_group=5
Date: Mon, 14 Feb 2022 19:07:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame 6B92 42 B
886 B 213ms
160ms Image
image/gif 99.84.125.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-04UBC8RbH-In25nUWCTmuqG4nQyBMnl3K-RmqA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.125.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-125-119.ewr52.r.cloudfront.net

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:40 GMT
via: 1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: EWR52-C3
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42
x-xss-protection: 0
pragma: no-cache
x-amzn-trace-id: Root=1-00000000-000000000000000000000000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: sQlKUU23EwSXGmQLUAP-nj3JzZbHuySWPjKYaOq41oihb4nY7gNRTg==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 6B92 35 B
336 B 112ms
35ms Image
image/gif 34.203.16.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-__NsJ8RbH-In25nUWCTmuqG4nQxvnhUykXG6rA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.16.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-16-143.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:40 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2

200

cookiematch.aspx
widget.us.criteo.com/dis/rtb/appnexus/ Frame 6B92
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6107103107772752485
https://widget.us.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6107103107772752485

43 B
370 B

26ms
26ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.us.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6107103107772752485

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:40 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2023885
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://widget.us.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6107103107772752485
date: Mon, 14 Feb 2022 19:07:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 470242
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 6B92
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gKydl6XGyhYrDqXcpo9n0ZdgBIZLG3zE
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gKydl6XGyhYrDqXcpo9n0ZdgBIZLG3zE

42 B
945 B

86ms
85ms

Image
image/gif

52.39.245.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gKydl6XGyhYrDqXcpo9n0ZdgBIZLG3zE

Protocol

HTTP/1.1

Server

52.39.245.80 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-39-245-80.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v025-0754b959a.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2GJCc/ByQbc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v025-04102ad84.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IHtt1CQlR38=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gKydl6XGyhYrDqXcpo9n0ZdgBIZLG3zE
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6B92 42 B
187 B 24ms
23ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-18_8qcRbH-In25nUWCTmuqG4nQyDehFQbV-lgQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:40 GMT
cache-control: no-store, no-cache, private
x-lat: va1pug004:0:408
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

cookiematch.aspx
widget.us.criteo.com/dis/rtb/cdb/ Frame 6B92
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/T7l7jPAe0WC8Fi7zGu84d4YqdVMwZu0h/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3237634528132622962
https://widget.us.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3237634528132622962

43 B
370 B

26ms
25ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.us.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3237634528132622962

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:40 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2144749
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://widget.us.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3237634528132622962
date: Mon, 14 Feb 2022 19:07:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 266712
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 watchtime
www.youtube.com/api/stats/ Frame C573 0
18 B 37ms
37ms Image
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=mmqxx-5TpZoqv1Ou&ver=2&cmt=4.281&fmt=247&fs=0&rt=5.001&euri=https%3A%2F%2Fbaf-fin.xyz%2F&lact=5076&cl=427307184&state=playing&volume=100%2C100&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220208.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=CA&len=15.041&rtn=15&afmt=251&idpj=-6&ldpj=-21&rti=5&size=1600%3A1200&inview=0&st=0%2C0.342&et=0.008%2C4.281&muted=1%2C1&docid=KfsCaZROU8Q&ei=eKgKYqyMEouJ_9EPkriAoAw&plid=AAXX_yEl_vL0fnsp&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKfsCaZROU8Q%3Fshowinfo%3D0%26controls%3D0%26fs%3D0%26rel%3D0%26height%3D100%2525%26width%3D100%2525%26iv_load_policy%3D3%26html5%3D1%26loop%3D1%26playsinline%3D1%26modestbranding%3D1%26disablekb%3D1%26origin%3Dhttps%253A%252F%252Fbaf-fin.xyz%26enablejsapi%3D1%26widgetid%3D1&of=H3hR-ao7PIvoKL9ZEuOnbA&vm=CAQQARgCOjJBS1JhaHdEZnM4elFwYldDYkJxcXJuSWQ1U0xHRHgwQlV2QWZOelNnYVhFQno2SW9JUWJQQVBta0tES196YzdGOFVyRUpaQm1lUXM3bVJrUzFsdm04OFo3YlJkUEx2akpObmY1Wm50dk14VHB3TDc2cl9QaG05MWdNOWZRbUJWVjYxMWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame C573 0
20 B 56ms
55ms XHR
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=mmqxx-5TpZoqv1Ou&ver=2&cmt=4.489&fmt=247&fs=0&rt=5.208&euri=https%3A%2F%2Fbaf-fin.xyz%2F&lact=5283&cl=427307184&mos=1&volume=100&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220208.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=en_US&cr=CA&len=15.041&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082661%2C24135310%2C24166123%2C24167177&afmt=251&muted=1&docid=KfsCaZROU8Q&ei=eKgKYqyMEouJ_9EPkriAoAw&plid=AAXX_yEl_vL0fnsp&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKfsCaZROU8Q%3Fshowinfo%3D0%26controls%3D0%26fs%3D0%26rel%3D0%26height%3D100%2525%26width%3D100%2525%26iv_load_policy%3D3%26html5%3D1%26loop%3D1%26playsinline%3D1%26modestbranding%3D1%26disablekb%3D1%26origin%3Dhttps%253A%252F%252Fbaf-fin.xyz%26enablejsapi%3D1%26widgetid%3D1&of=H3hR-ao7PIvoKL9ZEuOnbA&vm=CAQQARgCOjJBS1JhaHdEZnM4elFwYldDYkJxcXJuSWQ1U0xHRHgwQlV2QWZOelNnYVhFQno2SW9JUWJQQVBta0tES196YzdGOFVyRUpaQm1lUXM3bVJrUzFsdm04OFo3YlJkUEx2akpObmY1Wm50dk14VHB3TDc2cl9QaG05MWdNOWZRbUJWVjYxMWM

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20220208.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-YouTube-Ad-Signals: dt=1644865656126&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 19:07:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 63ms
62ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://baf-fin.xyz/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://baf-fin.xyz
date: Mon, 14 Feb 2022 19:07:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fbaf-fin.xyz%2F/DESKTOP/WIDGET_ON/ 77 B
417 B 80ms
79ms Fetch
application/json 54.186.207.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fbaf-fin.xyz%2F/DESKTOP/WIDGET_ON/status
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.207.31 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-186-207-31.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://baf-fin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:07:43 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 3000
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-971c848a
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C573 28 B
51 B 38ms
38ms XHR
application/json 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/KfsCaZROU8Q?showinfo=0&controls=0&fs=0&rel=0&height=100%25&width=100%25&iv_load_policy=3&html5=1&loop=1&playsinline=1&modestbranding=1&disablekb=1&origin=https%3A%2F%2Fbaf-fin.xyz&enablejsapi=1&widgetid=1
X-YouTube-Client-Version: 1.20220208.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZSGFLOEI2SFRUOCj30KqQBg%3D%3D
X-YouTube-Ad-Signals: dt=1644865656126&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 14 Feb 2022 19:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

325 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

118 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baf-fin.xyz/	1970-01-20 09:32:49	Name: _y Value: f9a2109f-B0C2-4CDE-E026-025D878F7908
.baf-fin.xyz/	1970-01-20 09:32:49	Name: _shopify_y Value: f9a2109f-B0C2-4CDE-E026-025D878F7908
.baf-fin.xyz/	1970-01-20 00:54:27	Name: _s Value: f9a210a4-7696-4A43-A20E-6B1403E64EEF
.baf-fin.xyz/	1970-01-20 00:54:27	Name: _shopify_s Value: f9a210a4-7696-4A43-A20E-6B1403E64EEF
.baf-fin.xyz/	1970-01-20 00:54:27	Name: _shopify_sa_t Value: 2022-02-14T19%3A07%3A34.471Z
.baf-fin.xyz/	1970-01-20 00:54:27	Name: _shopify_sa_p Value:
.baf-fin.xyz/	1970-01-20 03:04:01	Name: _gcl_au Value: 1.1.1290441855.1644865654
.baf-fin.xyz/	1970-01-20 18:25:37	Name: _ga Value: GA1.2.327426156.1644865655
.baf-fin.xyz/	1970-01-20 00:55:52	Name: _gid Value: GA1.2.1450588621.1644865655
.baf-fin.xyz/	1970-01-20 00:54:25	Name: _gat Value: 1
.google.com/	1970-01-20 05:17:56	Name: NID Value: 511=d5ghecfG0-UdNbbD0bBEcucXACixKE1-_1CA5gj5bjFhtq6e42h3w8Hpi0BTja30uI35kvJtm2iuYP0zKsWymJ-vkzXSwA2gqS8dsY-oxwUW0Zvq5y-48h9zLRl11-WclbFdw0bciPHJBeCt0p3a9lUb9t3ZHOvhlItSJI0K4mc
.bing.com/	1970-01-20 10:16:01	Name: MUID Value: 0954F295807269A81B2FE3DE81586854
.bat.bing.com/	1970-01-20 01:04:30	Name: MR Value: 0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: uNVaTsR7G8E
.youtube.com/	1970-01-20 05:13:37	Name: VISITOR_INFO1_LIVE Value: YHaK8B6HTT8
baf-fin.xyz/	1970-01-20 00:54:27	Name: _sp_ses.395d Value: *
.yotpo.com/	1970-01-20 09:40:01	Name: pixel Value: 2ff6668d-8162-480a-6b61-ab702a14eaa4
.baf-fin.xyz/	1970-01-20 03:04:01	Name: _fbp Value: fb.1.1644865655296.153488880
.facebook.com/	1970-01-20 03:04:01	Name: fr Value: 09SBfYgC74sQXaBZY..BiCqh3...1.0.BiCqh3.
.ct.pinterest.com/	1970-01-20 09:40:01	Name: _pinterest_ct_ua Value: "TWc9PSYvczFmRk1YY3ZaZjlQZFFRbDljU25jOTJ5Sm9Pc0JwTElQZXRnRUdKWDFEallUOHNELyt6UWV1em8vaUpNK3NUelVnZXFWSUQwcXcxb0ZqekVucERZVG1VN1VIMTRPSlhTTlpteXk1eFJNWT0meUp0Mko0bG1VdnRDYTk0NTMrNXJrRC80bmdVPQ=="
.baf-fin.xyz/	1970-01-20 09:40:01	Name: _pin_unauth Value: dWlkPVl6QXhZVEptT0RZdFlUVXpOeTAwWXpGbUxUbGpNVFF0TlRBME9XWXlORGc1WW1GaA
baf-fin.xyz/	1970-01-20 00:54:29	Name: shopify_pay_redirect Value: pending
.baf-fin.xyz/	1970-01-20 00:55:52	Name: _uetsid Value: 5e920f208dc911ecb7076f72df94941a
.baf-fin.xyz/	1970-01-20 10:16:01	Name: _uetvid Value: 5e9266c08dc911ec9fac27de5da2eb1f
.linkedin.com/	1970-01-20 03:04:01	Name: li_sugr Value: 1db556c2-03e6-44b3-b929-74925a5fa0ce
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:26:19	Name: bcookie Value: "v=2&4bab7a39-d364-434a-8cdb-1b86851abf8d"
.linkedin.com/	1970-01-20 00:55:52	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2590:u=1:x=1:i=1644865655:t=1644952055:v=2:sig=AQEDE3LhCQueVfEz0t0lLkFR75avIQfs"
.baf-fin.xyz/	1970-01-20 09:40:01	Name: _hjSessionUser_2233895 Value: eyJpZCI6IjE4NmQwZThkLWNhYTEtNTZhNS05ZDBkLWE0MzA2MjM2ZDk1NyIsImNyZWF0ZWQiOjE2NDQ4NjU2NTQ1MzcsImV4aXN0aW5nIjpmYWxzZX0=
.baf-fin.xyz/	1970-01-20 00:54:27	Name: _hjFirstSeen Value: 1
baf-fin.xyz/	1970-01-20 00:54:25	Name: _hjIncludedInSessionSample Value: 0
.baf-fin.xyz/	1970-01-20 00:54:27	Name: _hjSession_2233895 Value: eyJpZCI6IjE4MjZkYzEzLWYzOWMtNDI5OS1hYjRjLTJmZTc5NDA2NDBkYyIsImNyZWF0ZWQiOjE2NDQ4NjU2NTU4ODgsImluU2FtcGxlIjpmYWxzZX0=
baf-fin.xyz/	1970-01-20 00:54:25	Name: _hjIncludedInPageviewSample Value: 1
.linkedin.com/	1970-01-20 01:37:37	Name: UserMatchHistory Value: AQKxykhbYK_eZQAAAX75ohQpBgS9DRbZ0R05qQmJBmKflONb_U3jeKk0uF2hpDWqD7dAX80gIhg-8A
.linkedin.com/	1970-01-20 01:37:37	Name: AnalyticsSyncHistory Value: AQJoSMVHxqb2bgAAAX75ohQp32JnZOxIMs5j5QoV8Wa88GPnHfh1pA6xVu91H_5yA2WQEk2Kmdn2TBgj69ZwSg
.baf-fin.xyz/	1970-01-20 00:54:27	Name: _hjAbsoluteSessionInProgress Value: 1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 18:26:19	Name: bscookie Value: "v=1&202202141907351adc5a57-061f-409b-848c-c69914857e77AQHsx7wW7-BZaqjwHL8AsVN2vpTNLzBw"
.c.bing.com/	1970-01-20 01:04:30	Name: MR Value: 0
.c.bing.com/	1970-01-20 10:16:01	Name: SRM_B Value: 0954F295807269A81B2FE3DE81586854
.baf-fin.xyz/	1970-01-20 09:40:01	Name: _clck Value: 131o74n\|1\|eyz\|0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:16:01	Name: MUID Value: 0954F295807269A81B2FE3DE81586854
.c.clarity.ms/	1970-01-20 01:04:30	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 00:54:26	Name: ANONCHK Value: 0
.baf-fin.xyz/	1970-01-20 00:55:52	Name: _clsk Value: b8a85w\|1644865656288\|1\|1\|i.clarity.ms/collect
.adsymptotic.com/	1970-01-20 03:04:01	Name: U Value: e3d7b489f2f6bbe50ed6bb43a67c4d6a
baf-fin.xyz/	1970-01-20 18:25:37	Name: _sp_id.395d Value: f2ed887f9263da24.1644865655.1.1644865657.1644865655
.baf-fin.xyz/	1970-01-20 00:54:27	Name: swym-session-id Value: "91jwi21hxupu1d1wvaxtomiumxec7gdjm8vnuy0syk7f5l780vuy16o0d1j322xf"
.baf-fin.xyz/	1970-01-20 09:40:01	Name: swym-pid Value: "SMpNbS9hgPQxMXsrj/OK9pCxPNVva8z+PTqgVAezL4o="
baf-fin.xyz/	1970-01-20 18:25:37	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NDQ4NjU2NTcsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vYmFmLWZpbi54eXovIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjQ0ODY1NjU3LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL2JhZi1maW4ueHl6LyJ9fQ==
www.pinterest.ca/	1970-01-20 09:32:49	Name: _pinterest_sess Value: TWc9PSZlOEJrKzRxRFZCejM0V0JFNEtyRTdsa0E4NXQ2ZUJuamxhb29pK2s4UktlK041bks5WGVpcUZRUmVLbVZsNlo0Qy9SSXhYaXovcjVkK25iMXZBR1dtR3pxS1lncEpjZTRnKzlIaUNWK01sUT0mK2hZVXduZGdPSkxMalZ0RnBxTktYaVVEK1BFPQ==
.baf-fin.xyz/	1970-01-20 00:54:27	Name: swym-o_s Value: true
.baf-fin.xyz/	1970-01-20 09:40:01	Name: swym-swymRegid Value: "V9Hv5CWeHYfUXGOt7-LfW_i8zlvt5AUsZwC4884i2EBV4stO_whtltQNngF6VOl9XUgNkp2J7Ezj13Xw3G4CF-01HcNmlxmUMeo-OvvzlNseLR-kSS4_Xb0DoWOPFzFNOXZ1szyx1Zh0eA3Ewkuj8mYOR7o0zpRENeRsH3hKd4c"
.baf-fin.xyz/	1970-01-20 09:40:01	Name: swym-email Value: null
.doubleclick.net/	1970-01-20 18:25:37	Name: IDE Value: AHWqTUk3lePATtU4xWAjmgH9Gf2KE19VSWELaVXU2gRA76YGJxOCl-5NTay5_SXd
.baf-fin.xyz/	1970-01-20 09:40:01	Name: _privy_5511C7149F629EADDFF0ED42 Value: %7B%22uuid%22%3A%22b13c46f8-2a43-43e0-9c50-a2510707d092%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22CA%22%2C%22region_code%22%3A%22CA_%22%2C%22postal_code%22%3A%22%22%7D
d.adroll.com/	1970-01-20 10:23:13	Name: __adroll Value: b5647eac653811b3c23d03f08e36a01d-a_1644865657
.adroll.com/	1970-01-20 10:23:13	Name: __adroll_shared Value: b5647eac653811b3c23d03f08e36a01d-a_1644865657
.baf-fin.xyz/	1970-01-20 09:40:01	Name: swym-cu_ct Value: undefined
.baf-fin.xyz/	1970-01-20 09:40:23	Name: __adroll_fpc Value: c9136df4ece8a25c4989e63ab1840912-1644865657769
.baf-fin.xyz/	1970-01-20 09:40:01	Name: __ar_v4 Value: %7C2TIXCSBXGRG6FFDNARQPOD%3A20220216%3A1%7CR7IUSZNLAVDX5BDARFCZKX%3A20220216%3A1
.criteo.com/	1970-01-20 10:16:01	Name: uid Value: 9785f260-3ada-41da-ba0f-3ce72a99db0e
.advertising.com/	1970-01-20 09:41:28	Name: APID Value: UP603aec86-8dc9-11ec-88cc-0a77597fca49
.taboola.com/	1970-01-20 09:40:01	Name: t_gid Value: 7e7081c5-f1a2-4fda-a53e-c1e315372569-tuct9042dfa
.3lift.com/	1970-01-20 03:04:01	Name: tluid Value: 4040192917220430015306
.outbrain.com/	1970-01-20 03:04:01	Name: obuid Value: 97a88a2a-c6b7-4e1f-9dfd-59bbce33a80c
.outbrain.com/	1970-01-20 01:37:37	Name: adrl Value: YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ
.rubiconproject.com/	1970-01-20 09:40:01	Name: khaos Value: KZN2JKU7-20-EA0T
.casalemedia.com/	1970-01-20 09:40:01	Name: CMID Value: Ygqoeq9ZmLz3v8wtvth6cwAA
.casalemedia.com/	1970-01-20 03:04:01	Name: CMPS Value: 465
.pubmatic.com/	1970-01-20 03:04:01	Name: KRTBCOOKIE_10 Value: 22808-YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ&KRTB&22883-YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ
.casalemedia.com/	1970-01-20 03:04:01	Name: CMPRO Value: 169
.yahoo.com/	1970-01-20 09:40:23	Name: A3 Value: d=AQABBHqoCmICENP9Fa7bVZvvXzRa0HVjvHYFEgEBAQH5C2IUYgAAAAAA_eMAAA&S=AQAAAqYyemXCTxxdwb9hoMgZCp4
.baf-fin.xyz/	1970-01-20 10:23:49	Name: cto_bundle Value: S1hR1F8wZW9xeEthcCUyRnlBaERlQ2Rib2c0RXl4aE9Tc29jQUhUQ1Y0MGF2NWlNN1hyM0lNM3ZzUDBucWlWcVd0NXJGTVdqYXNOYnhvckVtamVEQTV0cjBJJTJCSjJTd3kxNGNNakpMQzJrbTJac3diZzRyN0ZmRWExUUU3b0dWZHdHdmdpbXhvaGlESTRPVVVYOWNMNVZxMjFqa1pRJTNEJTNE
.outbrain.com/	1970-01-20 01:37:37	Name: criteo Value: k-OBgHSsRbH-In25nUWCTmuqG4nQxsWfAwbvFZvg
.rubiconproject.com/	1970-01-20 09:40:01	Name: audit Value: 1\|+5Vdsc5TAOueaswblSvUP9Z9d2Vb9SQkzNSZzo6DtWIeECEUBMheiovrE5L010Hu/dlUVyQXvxYwHTRO1/p4iGlty70eE65yR164mUDQhphJnKuoXdYGNmKtzDAyAc/0FR6cDYyB+1gIaFTAOdyT/TzUMVeXM9im4OXrFQPXRg0No6rTm20qSCbyzRQDbtqQCwfRAfYnv8yyqVI1k5poNA==
.analytics.yahoo.com/	1970-01-20 09:41:28	Name: IDSYNC Value: "1770~238j:18zh~238j"
.tapad.com/	1970-01-20 02:20:49	Name: TapAd_TS Value: 1644865659934
.tapad.com/	1970-01-20 02:20:49	Name: TapAd_DID Value: d5781633-260d-4ccd-8f79-fe223c33f4ed
.adnxs.com/	1970-01-20 03:04:01	Name: uuid2 Value: 6107103107772752485
.adingo.jp/	1970-01-20 01:37:37	Name: criteo_dsp Value: k-BXH7oMRbH-In25nUWCTmuqG4nQxu8pVUzVcQBw
.adnxs.com/	1970-01-20 03:04:01	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Il`nVN+t!]tbPl@/D!9hy6]/Cv]z0sV.y6DR!>k2ft4gYbD6D++Di.tx$^lZ#86%ceG/v'V'??khW@B7#4bpRzqF1`bbp9+a+nN
.tpmn.co.kr/	1970-01-20 09:40:01	Name: uuid Value: cdbb10c330de477abbfc2fb7f5e0713a
.tpmn.co.kr/	1970-01-20 01:37:37	Name: criteo Value: k-ckuK58RbH-In25nUWCTmuqG4nQxIhnP7MNmP5Q
.rlcdn.com/	1970-01-20 09:40:01	Name: rlas3 Value: OCmLEkXCMiDbU+mrxuu9/Ik/UnmSBDf/b+qVhJJJng0=
.rlcdn.com/	1970-01-20 02:20:49	Name: pxrc Value: CAA=
.media.net/	1970-01-20 09:40:01	Name: visitor-id Value: 2878672601455190000V10
.media.net/	1970-01-20 01:37:37	Name: data-c-ts Value: 1644865660
.media.net/	1970-01-20 01:37:37	Name: data-c Value: k-4pbTssRbH-In25nUWCTmuqG4nQxw2JR-ruseXA~~3
.mediawallahscript.com/	1970-01-20 18:25:37	Name: mCookie Value: 6149eb60-8dc9-11ec-a53d-13c883bb9c3e
.mediawallahscript.com/	1970-01-20 01:40:30	Name: mVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_02_2022 Value: %7B%221KTuLJ%22%3A1%7D
.mediawallahscript.com/	1970-01-20 18:25:37	Name: mUserCookie Value: %7B%7D
.pubmatic.com/	1970-01-20 01:37:37	Name: KRTBCOOKIE_97 Value: 3385-uid:k-18_8qcRbH-In25nUWCTmuqG4nQyDehFQbV-lgQ&KRTB&23286-uid:k-18_8qcRbH-In25nUWCTmuqG4nQyDehFQbV-lgQ&KRTB&23287-uid:k-18_8qcRbH-In25nUWCTmuqG4nQyDehFQbV-lgQ&KRTB&23288-uid:k-18_8qcRbH-In25nUWCTmuqG4nQyDehFQbV-lgQ
.pubmatic.com/	1970-01-20 01:37:37	Name: PugT Value: 1644845631
.pubmatic.com/	1970-01-20 03:04:01	Name: PUBMDCID Value: 2
.adsrvr.org/	1970-01-20 09:40:01	Name: TDID Value: f678d41e-42ed-48fc-947c-13a04b7f58ba
.casalemedia.com/	1970-01-20 09:40:01	Name: CMRUM3 Value: 14620aa87c2760k-EwF8gMRbH-In25nUWCTmuqG4nQxcYRpcYrdv5Q&69620aa87a2760YjU2NDdlYWM2NTM4MTFiM2MyM2QwM2YwOGUzNmEwMWQ
.casalemedia.com/	1970-01-20 00:55:52	Name: CMST Value: YgqoemIKqHwA
.adsrvr.org/	1970-01-20 09:40:01	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjoztre6f23OhAFGAUgASgCMgsIwJLMioD-tzoQBTgB
.bidswitch.net/	1970-01-20 09:40:01	Name: tuuid Value: 34837370-324d-4dda-b376-1143fb2545b8
.bidswitch.net/	1970-01-20 09:40:01	Name: c Value: 1644865660
.bidswitch.net/	1970-01-20 09:40:01	Name: tuuid_lu Value: 1644865660
.tapad.com/	1970-01-20 02:20:49	Name: TapAd_3WAY_SYNCS Value: 1!1099
.revcontent.com/	1970-02-07 06:54:25	Name: __ID Value: a89afb247c6540ffa522b46cc945bcca
.revcontent.com/	1970-01-20 01:37:37	Name: v1_151 Value: 1
.addthis.com/	1970-01-20 10:16:01	Name: ouid Value: 620aa87c000166f8b2c7cfae068595c3b06e1522fbd4225cc8de
.addthis.com/	1970-01-20 10:16:01	Name: uid Value: 620aa87c1c00e00c
.addthis.com/	1970-01-20 10:16:01	Name: na_id Value: 2022021419074047800195190717
.adtdp.com/	1970-01-20 18:25:37	Name: uid Value: d63d337f-cfc9-47f8-ae11-44406c41b5db
.adtdp.com/	1970-01-20 18:25:37	Name: pr Value: aja
.demdex.net/	1970-01-20 05:13:37	Name: demdex Value: 12611677174072780992299458425460057218
.socdm.com/	1970-01-20 18:25:37	Name: SOC Value: YgqofMCo8HoAAPoJVa4AAAAA
.ad-stir.com/	1970-01-20 18:25:37	Name: uid Value: 73706a5f-5b58-4ada-ae0d-58e5e9a9a245
.ad-stir.com/	1970-01-20 01:14:35	Name: d10 Value: k-xrWkucRbH-In25nUWCTmuqG4nQwDyJlaidmkIw
.dpm.demdex.net/	1970-01-20 05:13:37	Name: dpm Value: 12611677174072780992299458425460057218
.dable.io/	1970-01-20 03:18:25	Name: uid Value: 73982174.1644865660715
.turn.com/	1970-01-20 05:13:37	Name: uid Value: 3237634528132622962

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=256718822&origin=https%3A%2F%2Fbaf-fin.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.J6wwVzZFlys.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCNJLWaj6_C-48nmIacOG08UNqZiFA%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1644865655318&_gfid=I0_1644865655318&parent=https%3A%2F%2Fbaf-fin.xyz&pfname=&rpctoken=29163543 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://baf-fin.xyz/cart/update.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://baf-fin.xyz/cart.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://baf-fin.xyz/cart?view=drawer&timestamp=1644865656589 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://baf-fin.xyz/cart?view=drawer&timestamp=1644865656737 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://baf-fin.xyz/browsing_context_suggestions.json?source=geolocation_recommendation&country[enabled]=true&country[exclude]=CA&currency[enabled]=true&currency[exclude]=CAD&language[enabled]=true&language[exclude]=en& Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-490ba64299ef9641a8a9c319b4adfd89' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
network	error	URL: https://baf-fin.xyz/cart.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://baf-fin.xyz/ Message: The resource https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Territories_Desktop_800x.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://baf-fin.xyz/ Message: The resource https://cdn.shopify.com/s/files/1/0023/0657/2339/files/yellowknife_pre_order-mobile-2_x400.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://baf-fin.xyz/ Message: The resource https://cdn.shopify.com/s/files/1/0023/0657/2339/files/Territories_Mobile_2_x400.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://baf-fin.xyz/ Message: The resource https://cdn.shopify.com/s/files/1/0023/0657/2339/files/yellowknife_pre_order_800x.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-13t828RbH-In25nUWCTmuqG4nQwP6zOI5hUmgA&ct=3&cv=1 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
accounts.google.com
ad.as.amanad.adtdp.com
ad.tpmn.co.kr
adgen.socdm.com
ads.yahoo.com
adx.dable.io
api.privy.com
api.userway.org
apis.google.com
assets.gorgias.chat
assets.privy.com
assets1.adroll.com
baf-fin.xyz
bat.bing.com
bcdn.starapps.studio
c.bing.com
c.clarity.ms
cdn.polyfill.io
cdn.shopify.com
cdn.userway.org
cdn.weglot.com
cm.g.doubleclick.net
config.gorgias.chat
connect.facebook.net
contextual.media.net
cs.adingo.jp
ct.pinterest.com
cw.addthis.com
d.adroll.com
d.turn.com
d34uoa9py2cgca.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
eb2.3lift.com
events.privy.com
fonts.googleapis.com
fonts.gstatic.com
foursixty.com
geolocation-recommendations.shopifycloud.com
google-analytics.com
googleads.g.doubleclick.net
gum.criteo.com
i.clarity.ms
i.ytimg.com
idsync.rlcdn.com
image2.pubmatic.com
in.hotjar.com
match.adsrvr.org
monorail-edge.shopifysvc.com
mug.criteo.com
p.adsymptotic.com
p.yotpo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
polyfill.io
privymktg.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rr1---sn-apaapm4g-apae.googlevideo.com
rr5---sn-t0a7ln7d.googlevideo.com
s.ad.smaato.net
s.adroll.com
s.pinimg.com
script.hotjar.com
secure.adnxs.com
shop.app
shopify.privy.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
ssl.gstatic.com
sslwidget.criteo.com
static-tracking.klaviyo.com
static.criteo.net
static.doubleclick.net
static.hotjar.com
static.klaviyo.com
staticw2.yotpo.com
stats.g.doubleclick.net
swymstore-v3free-01.swymrelay.com
swymv3free-01.azureedge.net
sync.ad-stir.com
sync.outbrain.com
sync.taboola.com
tg.socdm.com
trends.revcontent.com
ups.analytics.yahoo.com
vars.hotjar.com
vc.hotjar.io
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
www.pinterest.ca
www.pinterest.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.16.254.71
104.18.99.194
104.36.113.107
107.178.246.49
108.174.10.14
124.146.215.3
124.146.215.46
13.226.31.123
141.226.224.48
142.250.176.194
142.250.80.98
143.204.143.56
143.204.143.67
143.204.143.85
151.101.0.84
151.101.66.133
157.230.5.204
178.250.2.151
20.36.253.92
2001:4998:14:800::1001
23.198.216.120
23.221.203.181
23.227.38.33
23.52.167.93
2600:1400:d:597::1d72
2600:141b:13::17d7:82d0
2600:141b:5000:38b::1931
2600:9000:20ed:3000:1b:5138:8a40:93a1
2600:9000:210b:a400:1:28b3:b280:93a1
2600:9000:2120:ce00:6:9280:1080:93a1
2600:9000:21da:3e00:1c:cd6a:7440:93a1
2606:4700:10::6816:156c
2606:4700:10::ac43:246a
2606:4700:3036::ac43:8404
2606:4700:3037::6815:582
2606:4700::6812:1cb4
2607:f8b0:4006:806::2016
2607:f8b0:4006:808::200d
2607:f8b0:4006:809::2003
2607:f8b0:4006:80c::2006
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::200e
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::200e
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2008
2607:f8b0:4020:1::a
2607:f8b0:4023:1404::9b
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::23
2620:1ec:21::14
2620:1ec:46::40
2620:1ec:c11::200
2a00:ba61:0:126::c
2a02:6ea0:c400::11
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::282
2a04:4e42:600::268
3.213.64.42
3.224.160.131
3.231.80.183
3.34.78.228
34.102.166.132
34.139.78.128
34.203.16.143
34.226.254.117
35.190.60.146
35.211.178.172
35.71.131.137
51.143.53.193
52.167.85.21
52.223.22.214
52.39.245.80
52.45.33.138
52.48.200.82
54.150.59.174
54.158.135.134
54.186.207.31
68.67.179.113
69.173.151.100
70.42.32.159
74.119.119.139
74.119.119.142
74.119.119.150
76.13.32.146
8.28.7.83
89.187.164.66
99.84.125.119
99.84.42.7
99.84.47.14
020bb0470a7ef84b368f7ecd92463631539f32588602933804a757301d7dcecd
030578fff2154d635c82844397fe011273165230d9b1b793c2e325a956a4cdc7
03a3061e52cb69e8338b86a97f9f2eaedbe68ccc3693a9426de4b46e9d21e4da
04c7487aba93fb07228bf34a6bb40b17e6af35b127ecd4785dfa63534d6dd377
057912e496cd39f927374642cb7b3c3c8b85b04c980c8abd285d852f498d1f8f
07db2104bff88b827b7d0dc6c06ec4b2d6fe59c2633680546dbddb3be400285f
08268b6ccedeade7f332007558badbc4ff90495d808478220d8c15648fc734aa
0a755664f46f395be35a95263711334fbad12423f60ffeb821d71d9ddd57bd6c
0aff4a969bac0cfadb6c8ea0cd1eeb03bcac8216ee34e95393d041da8c28c46d
0b87cea495beb763c79752a8484f3e7dde898787d989701e8d24b48c7a6c3619
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112e75f1a121a4588acb907b2314aa4575b789337434c1c1407fa1f1c041886a
130f5bd079da4ccffb6b73d64ea8aa402dcf1370bb24572c8a4084db6de27f98
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f
138b720b78d7acce64642afc2cee63d21a4ef9e98ab41924d921ccf38d4e0b6d
157b620f9372c86b6327cca52b54f2f56d9b3e42e6528c548036319a808c58a0
17a2d7758897d062bc5614cc9944686eaafb245da487d185c6922b6fff11ce18
188b80ab89ee038827797480799fd00d0ba0f19ffa5dbcf613d7ce2c6655e448
195ab3349e3b4ff5e92b3c1293b958c93f089746749c40e7fa4b242758f352ac
1b4fd0e91f1e3e3c84db3110561ea8d11cd01d7bc7b8a4accfe219b28107d4ec
1bc054403b1bed1405ae766b29685b74460ad7c4ed040701a27c9f12fe233651
1f7672936fb92f71e4cc6bd4d921f19103d630329a18929988f57621bafde2d8
20fed1ad6cdb9086b7f14a57c4a1d3a25a23a26bad62493e9994d1ebe0cddd95
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2b40e69b4b5c337e07359025eb264e9125b5228ed972eb8f0f95785a520af271
2db5c98b6fc37b97c134df2495f99f20d197b816bb25a47b33785e2aff7b6210
2dbc9f487853092e8fc71ff1ffd82ee0ab685a62700ab78e9c7111dd78a21b63
2f6cd7d0499f784da380b79d5bbbf64195ea4b6f72a2337c3a5fc9695f37651a
2f9ed3c3ff086eb994faf0934fbc0c86cd9df348ecc8dc6728fa252096c40a6c
2fc5d6e8b9052ee82d5d18bf2da2edda2301f82263b025b685b9e1d14004fda6
313cb2ff8ec23234c2b07e190367c8f6a0aa76925c2fe02549cd8323f1807777
33162dc76f897fc11f1a4eb41c3dd719b39d5ac53be642c86159ec7b71499dce
33a9fb671163ba9879132d6ce75871b245b98b73212030b21aaf9bd5e7723f52
35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37fd7902ea2d2588fc80767747e952dc7235f4eea404a2dad3136b777ad596d5
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
39ab60fa656beea84550da8c8e64009bfd6e3dae5d4cba57567ece93285923c9
3a8ef5cd96abf3435e49f1fd209fa4241319af732ed0dd9e5eb50d37443b71db
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
3b9471c35b5861991d92b27473eb67d8cf6445771da3fca9de9dd45a56b39616
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f8a7189e86e6030e9bc2dae9d8a87d634a756481a88ed25aa4c45378de28c88
408f3188e08fb2c41e58f46e4fb4d51bd38279e8ac45713287a134c6f6924ad0
414805507fcc2b56bf089e3c18d04eef755c8bcd3ab967bdc3a8d01b734a1a65
42219e1bf51e16f19e45c986e0de08cb4422a02c603bb2d82f8e3147464f00e2
4274a7adcfc5e20127b323482cf85588e6a29b541edf5b1be3dcc51d982d90e4
42bc0400c0510801725945d5b183b5386e1573688188c8253b142017fb90f4f1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
48c4707fd3fcaaa2ddc4b65f346eb6cb9d5b6adbff93374be3e10a9f8255ca01
4a638d156316520f451401eedc096ded5c07357323ede53890cdc55fd75d18d2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4decadc38bdfac8eb96fc79cf22a665b680a1158fb91d0b4be7674a423c8b819
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9f66915aa67ba9ed968ce89069ed57a7a56a8a3567a87a226ff7ecd6f12944
50298f3f3f3c107b2685a43d00f8071d702d2b30dc1afb9c668855c097b02277
50f9e27aab388bf3dbfa571baa7739d6785e951498c3f710423197b011dfcee0
51ea75fec6a6030c9a7cd913834dcbbfc53abc6ab2cd665155b996d6e6edfdda
5384271e5ed4375dcb1fd6525df38767641f1d91d023a848902b6d453b9c734c
5438f5788f33be9bcc51c88528abe879d12d8b65079bb4b86d2c725861061c1c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561e81b99a620a3eff989cda9a29cda28c85c8ce32db25afd66ef6cc7a3593f3
56a8bdd173f1b7a4df36f5412234960e646f3ee025a744ebee12891d174ce3c1
5731dc394f53ea839bb2e6c993130697fcc3b4bef2cbfe97f64303123515983c
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e
59c48654847cab7c894b4e49aed73de1a4141c27e501d72dd1117a356ef0f069
5c10eb767efb82342c06763f8c90afbb4a98469528981db1c9a7cfafab862089
5e34c4cc8f3f825ce5d5559af638e32b4801b5623ed704ff0de1f32088ea386d
5fa462dc614affcfe1f33c3802537ed109294c49994de10ff1a4566f5078712b
604bf86b7df8291437ab884ff5a7f4bed2df4d35a55f17d17a9b1b536c284023
61e6bb7dc98f8adb836fc72a8fdd38c6cfb48a0e71d3c58ffc2943217764ef40
6360904dc8818bce553a019cc9e19944bcc49afaf762a71a3a6c7afc4fae7aef
64e843c1303628716d235ee0f58a0645b4455b5066181b3a49b0707594c3fe89
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ab4f5b6eef562836cb4516979b55364ec7ccc1373a8410d9eea8eaef7ea97c7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4709b8b93da4ff986b22d71ef52db2b58ed62f149b9df382399c2e8cd1813a
6bb5f93404dff5e0876e1c502e35755dfe811652cc6a408cba1d6290d0cfdb59
6c170980918a868418e987ba0be556132c10c25f3e013abcbc7c09a1e026dbb6
6c7fa5b6ae7c590d05c789896930afb4fc271b016fa41fe7c5767dae345b4012
6cca7453db08a992664ebb0dbbd9f5ac3e20ba7c890bf4c8dc5a5658658fbaee
6eee8d47515575b82ed7d5adfcd38f397822ad296fed60b3d71f630435b376e5
75ee7ca84ce24f69092fe4b1ccc81a08178c82e8ee3f63f76363ae30b6b89130
7744fa5a61105092623c3b2578faaedeb84b9b2f01efa8d4b74a253de4220e48
77c61a8bbdb6f41f20d79eaad09e1d0deca1c2b40b4c3801ebc6605a1641c388
78485a79a88d58baf7fa253ec43d6827f88dada8b16a1a36325994a84f423970
7862f28a26d445f959e4a5da4097e4380e4d598f6af2ef42b4ec3cdd9dbe313c
7abc5bad60f3c1a3728640864ab085439d4c492e440bdd89b2d64d613aaf2160
7b0eb1e1eb5a6386b2484eb7c4b741d89c6335e672c0d838e2e06e1179814685
7b131ba082aafd05f5a404767886886bc5830afa410a4cdee0e8a03c00613da8
7d718f6412c21bbaa3dbedc13b3a3505a0a265c2dcecc038756e45a082560f18
8105a248359b6ac6332ac4ea2bb2f849f429e5a6d26cf8305eb72c4bdc3297a5
816f25141648c91e0b350147025d0914a1d81f3ff6622d5a050140fedc61307c
8220600118a0a92b0ea818a59cee45ba4cd20b4c6cdeb6298e9c5f0d5b940924
827b4bb042ac177be9cc9732ecfcd2d40725126883719de4e716805974f369b4
82a3eb00f4bd8a43f4950c73fc9e685103551c6568228b3b1a04d023c84948d3
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
83e5e3bbfe16160efd0b73627d1de0eb0b50e5373644f4594043a8cf6eb2b6cd
83ecad4e4f6489d21f59992a4ec2a80f7e59549a3f7405d5a77e1f3562f6074d
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
86681ff095c0ac4c83a4ba81b95e0e0edd0d83b231658b79bcb462ad8bc5a27c
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86891a4f92d09b470ae41e59041f933740ed0637ff2b92780b185cf1649cdb4d
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
8ce20ebbcdb71413f165261ae4f912d5d1063ab3a925deb76b3ad20e090b4ec3
927b005d235ded900592173a1b3d496fbdee07d11c645219a02d4ac7fefa3900
92a42040f54fb34d7fae937b5e11d94831270ee68ad8be843e367495c85a1f42
93866e3ae9f7f797a906796c3ac29471e2166441a58e63133accbc6a862fa41e
93fa2b4cd4e7ab1a5984412607c24a1608bf1cb981908a9aaf4b8a7b9cbfbb16
94a8b599724319591ece46e316c947b632b52061d364ad7340eb8e1057a27716
95d9727f5e12897e78fabeceac3629bde126649b07bc3ebb38191eaf40044914
967fb3ebdd2817f6cdfe38a226909dae65b05164563e4f92d57e8cb9330c81f2
97969ec0c37276ceaead42732fd87e31fb21942b4e3b3a7f9be2fceb8b55ec73
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b381d40ec3a52c1966307a36a813badd673ca72069b00307211491778b1f563
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9babce6e12a3ba8adbc5201c033afeabce2d4d7705a946dcbaee98bf552c379d
9d75f5810616619332082a32e306df4fbe31d6f8a48e5d866f38628f7204f54c
9df3bc4914ec1b70533b0af9a95d818ae1393e9840cbf9bf4c8f683a78cf55a3
9e351578126b0240dc29e00c61deae3e21756efee4b3de18c653d03cc8868069
9fc71f4f05e4c9a5c5744d682e2aa233dbb3253d0f6fb85863dbc70906f73682
a16b7fda826d880da371cdb3cc7902440a2ced7264a2dad86588f1280e288474
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a504fc82e27bb51fa7b227007629478acb1390a7331d7797efcb584fb7805501
a52d5d5f122b5467fff12dc296c83336426ee8dc90be7ce1042e07f99c6c9f03
a6cea08b71569bba46d40211345418688a74d6b29cd9582ca7678cb40d8e9115
aba2b2c326918e25082af81c4c8aadf8e948c712f2eca834c2acb7e195a0d9a9
ad4b242488febec57a97418e13707a339f091b2ada141d343bf377bbfbc51c9e
ae74584031b2f110e0643a0481c25197f1b30124f47449ce9414919377c99a13
af98397149c4225f0531f56685584366b5b55f0cc9ec99bfb858aea9376d4d52
afcd080d430b727d27884c198df487c63e43e94af79399b178fcd566084ea785
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b01e9928daea4d9a51fb64020ddfed53a5b6587b48f4b599c8c75b69cd939055
b095acf803682b591bbd275a9bec33e580d2f43018fec73149e35ae4e2a94af6
b0ceb1922a3bc10db2e283a3c9e1a73b7faef3573e8f4ad5b8305945497c692e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b182ee0c60a8eaecc4157e75a69c48d4cd7dbc64487515b17afd8e7f32a161df
b1e775e33b946a4c732fd4010160db6a7eb735b2c850ca81f1f82cfae1cf302d
b2af9ae40032f58e305dc1b1a7760f0934ef20ab73bd72d273e81cb71f11d509
b2df68db3a2e3f3f7182a16c8a255a9640057223555f379756f98bc020366a06
b34a12773229883197897da7c2be2c0b63487a95cf3a03cdbb4981b63e139441
b35294fe2026658b9ad289c423eca92c288cc284de29f13b2a2c622bdd0514fd
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
b5236eeadd698087397ee8a8c641d245cd9006cd1bf1e20e65f754aea7c19be2
b5a819a6193cd99dbac47a9f27304bff4c51b7e4496b75a4b57e8b9a67d26233
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b623ddc0ffdd2d29de3f2c10690bf1c7c33e39b317dcb538ddf6e6f6091cd483
b7dc3ea29dc7e62886cf5b97f336bd45ce314ffbeb224d86e66f8d57916f393c
b858fbf1c94720a10efd051bb77913405aa0413edc6497ecbbdcdc0dcc768720
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb81a2155beaa67c245c6ee373be4d155fcff54dc4d60ab1d81a9db039346701
bbaf614437ec33e7f394b7a2815671aeeb5f4ac2eae8d029b42dc9e1bd38aee7
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd
beae85300a9f6d0a6e1f458457efb8813efd9dca56c9306bbd97cc76e710b1d8
befbb79721060a9b705a165feb7a728d977a0dd770e6c6b03b4868d6fe17ee10
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5c638b10c271f8169a0a9bd220a4b8fd2094011d7978763f833d8a0eba77c77
c80a7f5318222e62167b767d3ab5e994556a55c52bba0761ca774bba52bbe7cc
c869f041fe8d4e26a5aed7ba6a3be580c886dd9e21fc61120cf7fb1dcaa50d3a
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cb1da281a5791a4688cd7e69369a4ad684e70ba52a5c4c0c4216e50e28fc7cc3
cb902272a5ac5cfed85843d388731efcda7503fada97f19151ec9a440fe8cd75
cbee8db91ddddd202d78add8c1fb28e0d291241ba1a15eaad72802cdad9e652b
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cd5be6c41f675ee8cc1328a957a702ad5e4ae22df574a125b3596e4554b9abdb
ce1ecdb52b0df6bd1583e19fdb05f2a3e85d418b80e83985258c84660df0eeb5
ce832ec8cd46f7bec9f6212e9119cbfc4d3083f164486548691e3048dc713d8e
cf16f75a6a4c4039827d215f927c8122aecfa6962130b2fc0e0e7517ca1f9b17
cf407ebb5fcd2683554310d37a6a7670e735d43ff3366a45d60b73c14d2aaeca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf60af051dd971bc612d98fc98532a13ae159421f11277045ea230757fa135ac
d02b0859b8e28896b44e1c6b99f6e36409447e78cf97666e1f76939e0229fd6c
d191bedb4ccc9fd7f7eb24b325fb64488c1ad0d949c3b644f5600eafd8aecb73
d1e26c3e6af32b965902df34319e98f02ca064c0eca4048fa364357548a8b28e
d258eccb44527059bf2fa6efc2b4db66ae17b5b5b88b7291a0b4769dc2fcd7c2
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d332d9092e4296a20357dfc28e865341520cba2f31a935aa78e7314228d17f90
d55e290b52b1a2b8fa19a62a3f9e82c22866ebe9f183891a874ccbb6ec6ba686
d5a9cefea436a4582ff8dea30cde003666af9eba90099e4d6a6277008db8f377
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8f66b4bcc5e8d3e51de1971d5860966de604f411416bd5338fbecb882dfed7e
da11d966a80d6fa2c82e93ab46f32b493b36b8bd5c8305cb19badc3717db82c0
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dcca9dfc9b6ffa1c5278272e2ca4c8cf668149f9ebc688ac258bee17535564c1
de8e99451a4c87e214d017efa78867d0bb36f386513969fc080c3a84235f5923
dea7455a056e5ecdc6321af45fedcc60c1b93670d92e1f27e430ec487f1f8871
ded3cc824f7bd6d490d247ad247bc13cd3205f3dca15e6afa78610dc8a4d1143
e04cc1cecb33c6cb59c5bdc2a7ec38e26289e86360363715009a41940f0adda3
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e1fd54ab6ddcbd5c290bf0293dc1e428a8bc0ee2a2723b344398d663449487c1
e26e13a3d74da0afe57351974071fc8509352a7469cb84acebb7f7858395be55
e368e55a7cfb23084f46da05742a25a68df2de08001cf191a05e3619da0f5b16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45e149fd6a7bd34c679e5548ce7f20dcc4bee985dbedcb86ae1e702b3fa256c
e713dafa3d4d5303d3b7ae3e171b3ca4ac95356b7fb212d5fa5bd4ea3fa03b1e
e788e3f4931c27d06456b8567d840490f0b541371bae9773e92fdba89b56e1ae
ea1d29b419599a59d7da810bfa2f4dbe0b8f72d39fa71cb5195300cfb879f837
ea379836abb44dec116b360856f9a27ac75df9115928b45f053e82eca5fe35ef
eb27d9614aaa5ce07e37e259e91cd75a782561b5432d857af14388813fc44631
eb6abd6ff094f582fac02516923b9ae8de1525db8319b77968f805a3c5f31480
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eefb4824a6a649894cdc8aab9c0f06e68622f6a7da7ce1a7386d18e5d52225d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef92c437b5ee2f02a2e1addd062a60739cc7a4d451d6cccfd764440391218ce3
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e
fb34a2f9f9c25d6e15877c1d745fc5691e284a59d5841ced1908a8268959dc7a
fba079cff17d075bd7d9c8ae26cddafc2205f462a9d9ad86e71e3c35c227a4b3
fd75a46cf1dba42cdb6a5d40390b349e954f62a0b4d33e06b0076c51781b8fe0
fdac52d25a048d0bc14f650edb8099b41d10802cb628f4b596e490a669a62ba7
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffe82d69c0690ae323ec4cee4345d74a92a48a38373b0714ad48465dc10b7530

baf-fin.xyz Open in urlscan Pro 2606:4700:3037::6815:582 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

308 Requests

92 %HTTPS

43 %IPv6

73 Domains

109 Subdomains

90 IPs

7 Countries

5591 kBTransfer

14898 kBSize

118 Cookies

6 Outgoing links

Page URL History

Redirected requests

308 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

baf-fin.xyz Open in urlscan Pro
2606:4700:3037::6815:582 Public Scan

Screenshot
Live screenshot

Full Image

308
Requests

92 %
HTTPS

43 %
IPv6

73
Domains

109
Subdomains

90
IPs

7
Countries

5591 kB
Transfer

14898 kB
Size

118
Cookies

308 HTTP transactions
3 data transactions