www.bfitamazing.com Open in urlscan Pro
2620:127:f00f:e:: Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bfitamazing.com/
Submission: On October 16 via api (October 16th 2024, 9:34:11 pm UTC) from CA — Scanned from CA

Summary HTTP 226 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 38 IPs in 2 countries across 24 domains to perform 226 HTTP transactions. The main IP is 2620:127:f00f:e::, located in Canada and belongs to CLOUDFLARENET, US. The main domain is www.bfitamazing.com.
TLS certificate: Issued by WE1 on October 6th 2024. Valid for: 3 months.

This is the only time www.bfitamazing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2620:127:f00f... 2620:127:f00f:e::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
8	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
4	2620:127:f00f... 2620:127:f00f:ff01::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
72	2600:9000:251... 2600:9000:2511:9000:f:5e39:d380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1	2600:9000:28b... 2600:9000:28b2:2800:0:8879:1f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:28b... 2600:9000:28b2:e200:13:39e7:1700:21	16509 (AMAZON-02) (AMAZON-02)
4	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:e... 2600:1901:0:e57f::	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
2 2	142.250.80.100 142.250.80.100	15169 (GOOGLE) (GOOGLE)
1 2	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
1	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.35.163 142.251.35.163	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.64.99 142.250.64.99	15169 (GOOGLE) (GOOGLE)
1	142.250.81.232 142.250.81.232	15169 (GOOGLE) (GOOGLE)
1	142.251.40.238 142.251.40.238	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26f... 2600:9000:26fa:2200:1b:6fb2:b780:21	16509 (AMAZON-02) (AMAZON-02)
2	172.67.192.204 172.67.192.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:24f... 2600:9000:24f1:ea00:7:67fb:be80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.164.131.94 18.164.131.94	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:340	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
226	38

8 2620:127:f00f:e:: (Canada)

ASN13335 (CLOUDFLARENET, US)

www.bfitamazing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com

www.bfitamazing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2600:9000:2511:9000:f:5e39:d380:93a1 (United States)

ASN16509 (AMAZON-02, US)

widget.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

triplewhale-pixel.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:28b2:2800:0:8879:1f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

checkout-sdk.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:28b2:e200:13:39e7:1700:21 (United States)

ASN16509 (AMAZON-02, US)

d3ejra0xbg20rg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e45 (United States)

ASN13335 (CLOUDFLARENET, US)

conf.config-security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e57f:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.config-security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.100 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.162 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.64.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.238 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.merchant-center-analytics.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26fa:2200:1b:6fb2:b780:21 (United States)

ASN16509 (AMAZON-02, US)

d3ithgl79uu5su.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.192.204 (United States)

ASN13335 (CLOUDFLARENET, US)

reconvert-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:ea00:7:67fb:be80:93a1 (United States)

ASN16509 (AMAZON-02, US)

intg.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.131.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-131-94.jfk50.r.cloudfront.net

d34uoa9py2cgca.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:340 (United States)

ASN13335 (CLOUDFLARENET, US)

app.kiwisizing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	sezzle.com widget.sezzle.com — Cisco Umbrella Rank: 31211 checkout-sdk.sezzle.com — Cisco Umbrella Rank: 75245	146 KB
49	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2498	668 KB
42	bfitamazing.com www.bfitamazing.com	599 KB
12	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3421 static-tracking.klaviyo.com — Cisco Umbrella Rank: 3995 fast.a.klaviyo.com — Cisco Umbrella Rank: 4576 static-forms.klaviyo.com — Cisco Umbrella Rank: 4254	74 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192	1009 B
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 893 intg.snapchat.com — Cisco Umbrella Rank: 17335	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	353 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	48 B
3	cloudfront.net d3ejra0xbg20rg.cloudfront.net d3ithgl79uu5su.cloudfront.net d34uoa9py2cgca.cloudfront.net	9 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1089	8 KB
2	kiwisizing.com app.kiwisizing.com — Cisco Umbrella Rank: 29517	36 KB
2	reconvert-cdn.com reconvert-cdn.com — Cisco Umbrella Rank: 46043	7 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 12143	127 B
2	config-security.com conf.config-security.com — Cisco Umbrella Rank: 12663 api.config-security.com — Cisco Umbrella Rank: 11052	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	30 KB
1	merchant-center-analytics.goog www.merchant-center-analytics.goog — Cisco Umbrella Rank: 6102
1	gstatic.com fonts.gstatic.com	15 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 89	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	web.app triplewhale-pixel.web.app — Cisco Umbrella Rank: 35393	35 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	1008 B
226	24

	Domain	Requested by
72	widget.sezzle.com	www.bfitamazing.com widget.sezzle.com cdn.shopify.com
49	cdn.shopify.com	www.bfitamazing.com
42	www.bfitamazing.com	www.bfitamazing.com
8	static.klaviyo.com	www.bfitamazing.com static.klaviyo.com
4	tr.snapchat.com	www.bfitamazing.com sc-static.net
4	www.facebook.com	www.bfitamazing.com
4	www.googletagmanager.com	www.bfitamazing.com www.google-analytics.com www.googletagmanager.com
4	www.google-analytics.com	www.bfitamazing.com www.googletagmanager.com
4	connect.facebook.net	www.bfitamazing.com connect.facebook.net
2	sc-static.net	intg.snapchat.com
2	app.kiwisizing.com	www.bfitamazing.com
2	reconvert-cdn.com	www.bfitamazing.com reconvert-cdn.com
2	www.google.ca	www.bfitamazing.com
2	td.doubleclick.net	www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.bfitamazing.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	www.bfitamazing.com www.googletagmanager.com
2	static-tracking.klaviyo.com	static.klaviyo.com
1	code.jquery.com	reconvert-cdn.com
1	d34uoa9py2cgca.cloudfront.net	www.bfitamazing.com
1	intg.snapchat.com	www.bfitamazing.com
1	d3ithgl79uu5su.cloudfront.net	www.bfitamazing.com
1	www.merchant-center-analytics.goog	www.bfitamazing.com
1	analytics.google.com	www.bfitamazing.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	client
1	api.config-security.com	www.bfitamazing.com
1	static-forms.klaviyo.com	www.bfitamazing.com
1	fast.a.klaviyo.com	www.bfitamazing.com
1	conf.config-security.com	www.bfitamazing.com
1	d3ejra0xbg20rg.cloudfront.net	cdn.shopify.com
1	checkout-sdk.sezzle.com	cdn.shopify.com
1	triplewhale-pixel.web.app	www.bfitamazing.com
1	cdn.jsdelivr.net	www.bfitamazing.com
226	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.instagram.com
www.tiktok.com
instagram.com
www.trustpilot.com
www.shopify.com

Subject Issuer	Validity	Valid
www.bfitamazing.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
static.klaviyo.com R11	`2024-09-09` - `2024-12-08`	3 months	crt.sh
cdn.shopify.com E6	`2024-08-29` - `2024-11-27`	3 months	crt.sh
widget.sezzle.com Amazon RSA 2048 M03	`2024-04-07` - `2025-05-05`	a year	crt.sh
web.app WR4	`2024-09-25` - `2024-12-24`	3 months	crt.sh
checkout-sdk.sezzle.com Amazon RSA 2048 M03	`2024-04-21` - `2025-05-19`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-26` - `2024-10-24`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
static-tracking.klaviyo.com R10	`2024-09-17` - `2024-12-16`	3 months	crt.sh
config-security.com E5	`2024-09-26` - `2024-12-25`	3 months	crt.sh
fast.a.klaviyo.com R10	`2024-09-09` - `2024-12-08`	3 months	crt.sh
static-forms.klaviyo.com R10	`2024-08-18` - `2024-11-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
api.config-security.com WR3	`2024-09-27` - `2024-12-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.googleadservices.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.ca WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
merchant-center-analytics.goog WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
reconvert-cdn.com WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
intg.snapchat.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-02` - `2025-07-01`	a year	crt.sh
kiwisizing.com WE1	`2024-08-25` - `2024-11-23`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.bfitamazing.com/
Frame ID: 9931158EB9D20F7894F80A2097DD2916
Requests: 217 HTTP requests in this frame

Frame: https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/custom/web-pixel-shopify-custom-pixel@0220/sandbox/modern/
Frame ID: 7ABED0A53BDA201BAF2BA9E7C95C1EB7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11090686862?random=1729114441906&cv=11&fst=1729114441906&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~101686685~101794736&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bfitamazing.com%2F&label=GhnfCJCDwIsYEI7nuagp&tiba=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&hn=www.googleadservices.com&frm=0&did=dNzYwYj&gdid=dNzYwYj&gtm_ee=1&rdp=0&npa=0&pscdl=noapi&auid=1208178091.1729114442&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dpage_view%3Bpage_path%3D%2F&ct_cookie_present=0
Frame ID: 82A6FF0AD59B86C4B4F3A417861FC2A8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-HSXT121041&gacid=583531992.1729114441&gtm=45je4ag0h2v9133677125za200&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=474241737
Frame ID: 105B7D5E74C8C4ED725D6E218526FABE
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=144567f3-ba35-478f-b238-e79152f02f62&u_scsid=5cbe895f-c475-45cd-ba02-c54c6ff94ebc&u_sclid=5d9edfc4-a4f3-41ed-8188-e6fccffe96c1
Frame ID: 3EE84AA78647AC1A7C5B462EE8271CA7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

B|Fit Amazing – Bfitamazing

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

226
Requests

98 %
HTTPS

55 %
IPv6

24
Domains

35
Subdomains

38
IPs

2
Countries

2093 kB
Transfer

4087 kB
Size

37
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/bfitamazing

Search URL Search Domain Scan URL

URL: https://www.twitter.com/bfitamazing

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bfitamazingofficial

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@bfitamazingofficial

Search URL Search Domain Scan URL

URL: https://instagram.com/bfitamazingofficial
Title: @bfitamazingofficial

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DBMFrYeyr6t/
Title: B|Fit Vapor cosmos #bfitamazing #bfitOctober 15, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DA55yjuyCTc/
Title: Bfit Amazing Brand Ambassador #bfit #bfitamazingOctober 8, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DAym0rWSUl9/
Title: Brand Ambassador @nikki_11_77 #bfitamazing #activewearOctober 5, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DAq68xoyPlu/
Title: B|FIT RACING MEN'S RUNNING HOODIE #bfitamazing #workoutOctober 2, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DAbNFePSU5c/
Title: Brand Ambassador @trenee_maus #bfitamazing #bfit #menworkoutSeptember 26, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DAQ98lTyPZR/
Title: Brand Ambassador @ques_quitlessfitness #bfitamazing #ambassador #activewearSeptember 22, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DAMDW_Wy9Nx/
Title: Bfit V2 Long sleeve #bfitamazing #bfit #mensworkout #mensactivewearSeptember 20, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DABrhqLyLwp/
Title: #bfitamazing #unboxingSeptember 16, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C_uxdOYyBPR/
Title: Brand Ambassador @prenses_milaaaa #bfitamazing #bfit #activewearSeptember 9, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C_dTanKSuUX/
Title: Brand Ambassador @brandonkunkle #bfitamazing #bfitmanSeptember 2, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C_OhjdhzP-3/
Title: B|Fit Contour Unitard in Pink #bfitamazing #bfit #workout #activewearAugust 27, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C-uFQcCxbY0/
Title: B|Fit Prime #bfitamazingAugust 15, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C-jS9ktyvOK/
Title: Brand Ambassador @shampayneetheebodyy #bfitamazing #bfit #activewear #gymAugust 11, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C-adTGvyNi6/
Title: Brand Ambassador @s_mariee313 #bfitamazing #bfit #activewear #bfitauraAugust 7, 2024

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C-PxrUtSiEy/
Title: Work, Sweat, Achieve. 🏋️‍♂️💪👟 #bfitamazingAugust 3, 2024

Search URL Search Domain Scan URL

URL: https://www.trustpilot.com/review/bfitamazing.com
Title: Customer Reviews

Search URL Search Domain Scan URL

URL: https://www.shopify.com/?utm_campaign=poweredby&utm_medium=shopify&utm_source=onlinestore

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101529666~101686685~101794736&rnd=1071139347.1729114442&url=https%3A%2F%2Fwww.bfitamazing.com%2F&dma=0&npa=0&gtm=45be4ae0za200&auid=1208178091.1729114442&did=dNzYwYj&gdid=dNzYwYj&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101529666~101686685~101794736&rnd=1071139347.1729114442&url=https%3A%2F%2Fwww.bfitamazing.com%2F&dma=0&npa=0&gtm=45be4ae0za200&auid=1208178091.1729114442&did=dNzYwYj&gdid=dNzYwYj&frm=0

Request Chain 103

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11090686862/?random=2077758605&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~101686685~101794736&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bfitamazing.com%2F&label=GhnfCJCDwIsYEI7nuagp&tiba=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&hn=www.googleadservices.com&frm=0&did=dNzYwYj&gdid=dNzYwYj&gtm_ee=1&rdp=0&npa=0&pscdl=noapi&auid=1208178091.1729114442&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIwffboO2TiQMVDGNHAR2Z8x7_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5iZml0YW1hemluZy5jb20vQlZDaEFJOE1pOXVBWVE5S185a2JyV21mb0NFaXdBdER3YTFULUo2eEhaM1hVUkRINjVwUktwOUF2SnNqUFhyMV8zTEFRQXVyRkJwaUhaRG95d0NPcTdfQQ HTTP 302
https://www.google.com/pagead/1p-conversion/11090686862/?random=2077758605&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~101686685~101794736&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bfitamazing.com%2F&label=GhnfCJCDwIsYEI7nuagp&tiba=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&hn=www.googleadservices.com&frm=0&did=dNzYwYj&gdid=dNzYwYj&gtm_ee=1&rdp=0&npa=0&pscdl=noapi&auid=1208178091.1729114442&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIwffboO2TiQMVDGNHAR2Z8x7_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5iZml0YW1hemluZy5jb20vQlZDaEFJOE1pOXVBWVE5S185a2JyV21mb0NFaXdBdER3YTFULUo2eEhaM1hVUkRINjVwUktwOUF2SnNqUFhyMV8zTEFRQXVyRkJwaUhaRG95d0NPcTdfQQ&is_vtc=1&cid=CAQSKQDpaXnfZSCeTEA_YItxvI-oMs29KBjddCSfNbkcRwmF5PEew4j1JjZe&random=3635985953 HTTP 302
https://www.google.ca/pagead/1p-conversion/11090686862/?random=2077758605&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~101686685~101794736&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bfitamazing.com%2F&label=GhnfCJCDwIsYEI7nuagp&tiba=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&hn=www.googleadservices.com&frm=0&did=dNzYwYj&gdid=dNzYwYj&gtm_ee=1&rdp=0&npa=0&pscdl=noapi&auid=1208178091.1729114442&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIwffboO2TiQMVDGNHAR2Z8x7_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5iZml0YW1hemluZy5jb20vQlZDaEFJOE1pOXVBWVE5S185a2JyV21mb0NFaXdBdER3YTFULUo2eEhaM1hVUkRINjVwUktwOUF2SnNqUFhyMV8zTEFRQXVyRkJwaUhaRG95d0NPcTdfQQ&is_vtc=1&cid=CAQSKQDpaXnfZSCeTEA_YItxvI-oMs29KBjddCSfNbkcRwmF5PEew4j1JjZe&random=3635985953&ipr=y

226 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bfitamazing.com/ 132 KB
29 KB 390ms
323ms Document
text/html 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4a20102133b4f374090f8e896adbe18b58969bc5125d9daf316b2856970a88

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d3b2ba13bb6a2d2-YUL
content-encoding: br
content-language: en-CA
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 21:34:00 GMT
etag: "cacheable:ef47568c2f17e347b1cc7a442c3a8263"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsjZ9cu17Nk6l5AHG86TjvAaoV1BOWa2N0IbLe8hkrb4iMQT7zb6N8qXSbcNSFp8ScLWSAXC3khvUCs2DJGkDrqZVY%2FFgT6Qxdi4cUCixFucOMVH4iZgsDWPo4K1QhhdkEAt%2BNxvOK4g92mhTNjX8gM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=231;desc="gc:23", db;dur=32, db_async;dur=6.691, render;dur=66, asn;desc="16276", edge;desc="YUL", country;desc="CA", theme;desc="124299214902", pageType;desc="index", servedBy;desc="5mtx", requestID;desc="6fa94667-1a10-4760-b041-b44f2c2dcc9f-1729114439" cfRequestDuration;dur=302.999973 ipv6
strict-transport-security: max-age=7889238
vary: Accept
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 6fa94667-1a10-4760-b041-b44f2c2dcc9f-1729114439
x-shardid: 272
x-shopid: 14188380214
x-shopify-nginx-no-cookies: 0
x-sorting-hat-podid: 272
x-sorting-hat-shopid: 14188380214
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

GET
H2 200 preloads.js Show response
www.bfitamazing.com/checkouts/internal/ 6 KB
2 KB 56ms
53ms Script
application/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158c964b4b611ae075fc8a19378787a4059ce46c4ba806153b7a3348ed47e52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnahAgpB%2FKD0tWSdU7aZI4un9hB125Z2ONE9vsetCsJhcPkn5Hy%2BrHWQlpTT%2F%2FYb5p4ax0D%2Byo61NlrU1Q5lhryuhWvb1PiZ9VmX%2BYBbKsX%2FMBcCc0suAdH3WJ7FHtsR%2BVcgMnM3N7QcEbc2zjNP1KM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfRequestDuration;dur=35.000086, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: application/javascript; encoding=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=7889238
cache-control: no-store, no-cache, must-revalidate
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba35f41a2d2-YUL
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-shopid: 14188380214
server: cloudflare

GET
H2 200 load_feature-f4e7948c1c9e4f45ef404dbb8b5dbcaa265bad73ea228bf111efe71177b448d9.js Show response
www.bfitamazing.com/cdn/shopifycloud/shopify/assets/storefront/ 12 KB
4 KB 62ms
60ms Script
text/javascript 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-f4e7948c1c9e4f45ef404dbb8b5dbcaa265bad73ea228bf111efe71177b448d9.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4e7948c1c9e4f45ef404dbb8b5dbcaa265bad73ea228bf111efe71177b448d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: c06ab890-1f2e-403f-8c65-dc1336be60d0-1728068654
content-encoding: br
cf-cache-status: HIT
age: 9714
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQmij2CYYhJKn2PAGOWFLqDLxhn%2FmNJTBDiEt7gaVZ2B2TJgDfKyuA2MvZLfUUVal8v7rXp6wkGBUNkQ8JWp%2BVrRJs%2FKz8ik9M0v1rr%2FNCgvTCfAb12Mm2LMUBhq82ex8bOmpJakZ4lK9xx%2FqDFnjSI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=181.383, imageryFetch;dur=111.771, cfRequestDuration;dur=42.000055, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 04 Oct 2024 19:04:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-f4e7948c1c9e4f45ef404dbb8b5dbcaa265bad73ea228bf111efe71177b448d9.js>; rel="canonical"
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba35f44a2d2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3332
x-xss-protection: 1; mode=block
x-sorting-hat-podid: -1
server: cloudflare

GET
H3 200 storefront-banner.js Show response
www.bfitamazing.com/cdn/shopifycloud/privacy-banner/ 96 KB
24 KB 57ms
53ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shopifycloud/privacy-banner/storefront-banner.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

5cf4882c19e095a337f473d17181c0495b438c0c0e7c8036e0e7c05c884900dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: af579909-a001-4487-a272-b70b444f24b0-1729113692
content-encoding: br
cf-cache-status: HIT
age: 273
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpc5BcVrGd5DTgYUVnaH8J8%2FwziaiINCsDWOG7GjYyg6hHSyet2lJL5zb96ZVpZmV8VqXPwUeFont8UcdfolSbOEMzLmZiCh51rDJA1y%2FK%2BMu0d2nuMVqC6LXf%2BX7pFm1PO9SN0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=82.381, imageryFetch;dur=54.039, cfRequestDuration;dur=15.999794, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 21:21:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/privacy-banner/storefront-banner.js>; rel="canonical"
cache-control: public, max-age=1800, must-revalidate
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4187c42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24107
x-xss-protection: 1; mode=block
x-sorting-hat-podid: -1
server: cloudflare

GET
H2 200 theme.css
www.bfitamazing.com/cdn/shop/t/27/assets/ 167 KB
26 KB 41ms
39ms Stylesheet
text/css 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/t/27/assets/theme.css?v=62441372190441597211667084167

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e8763af18365ca32b324c6310c4f7e5f123c2dc4be12d34f3afc5473fb9bdf

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 2f982e7a-82ed-442c-a4d8-bc5f53836526-1715620429
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 6456876
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mh24nsFiycFd2HDBgV78HYb31fh8lJJZrs4nP6Ol%2B2CUAR%2BbAM%2Fx2plkOAWA9KRgtJiT%2FxuVScmGycSKqFFhgbSbnp%2F%2BG%2Bo%2F%2FNboO%2BhZkmp%2BbXsPUMOsO%2B%2FNA8yUhlo2fUERS1KXUgBZjKmTqLHMb5E%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=158.773, imageryFetch;dur=97.541, cfRequestDuration;dur=19.999981, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 17:13:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/t/27/assets/theme.css>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba35f38a2d2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25617
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H2 200 slick.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 2 KB
1008 B 102ms
44ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6c1-bp0TNCoRqM/Z5C7iQ+rq4BzaTiU"
age: 2829334
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230154-FRA, cache-yul1970056-YUL
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 583

GET
H2 200 custom_product.css
www.bfitamazing.com/cdn/shop/t/27/assets/ 9 KB
3 KB 39ms
38ms Stylesheet
text/css 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/t/27/assets/custom_product.css?v=87285497151178844421667084166

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f99eeca80bb5c5e88ba7788559ba51a6729c2421c960db2537d396802d0ee82b

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 60da13c3-e2a1-4098-aef0-290edcff0a0b-1715620640
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 6456876
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yawWeF2DdjIzzoe9FaRPClDlotFA0sv3FxHXzLRoAMIk4Y3aKSME4XXakc62dI9HhrlA%2FiWYroI%2FAmHaLeWqNk6Im%2Fnbaj5IXSBkDOxQIUV0dZyApZaV6nK%2FamcfuNJCQUJKElJ8teOJlkyJZX68M%2BA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=118.714, imageryFetch;dur=92.308, cfRequestDuration;dur=19.000053, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 17:17:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/t/27/assets/custom_product.css>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba35f3ea2d2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2124
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 lazysizes.min.js Show response
www.bfitamazing.com/cdn/shop/t/27/assets/ 24 KB
8 KB 68ms
65ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/t/27/assets/lazysizes.min.js?v=174358363404432586981667084166

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e1fd54ab6ddcbd5c290bf0293dc1e428a8bc0ee2a2723b344398d663449487c1

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 2bfe68b8-3f3a-4cce-84c7-97a100c8f6a2-1715623300
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 2298961
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJ20vOj2J8vsr1opwe%2FO4ux%2FNJ1qDwKq8pVSj%2FOr4AWwRwv0D2S%2FkE%2BUrr9MITTvpXPqtDIOD8VP6Uhzp%2FdhhBWqzxmLlHBHS1Vt6AaU3Eqwqi6a8BdpeqdugjnG7aslWRATMZA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=141.047, imageryFetch;dur=96.029, cfRequestDuration;dur=16.999960, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 18:01:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/t/27/assets/lazysizes.min.js>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4187e42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7624
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 libs.min.js Show response
www.bfitamazing.com/cdn/shop/t/27/assets/ 176 KB
54 KB 70ms
67ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/t/27/assets/libs.min.js?v=26178543184394469741667084166

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a52d5d5f122b5467fff12dc296c83336426ee8dc90be7ce1042e07f99c6c9f03

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 1b650cf6-2356-4247-91f7-b11f3b45613c-1715646368
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 13468036
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0AED%2BrGx8znW4BZBLeepM4T4K0fVS2BWhL5qDF2XTayLcsLo1%2FF4XWr%2FUdEX8Em%2F2680zduxegotMreaIFrXQeSmjIz0SVk3fDGb7kMy4RDJ15d7kEKg76uGTdxG%2Ba8BgEBKXGE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=108.257, imageryFetch;dur=73.035, cfRequestDuration;dur=15.999794, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 14 May 2024 00:26:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/t/27/assets/libs.min.js>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4188042e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54622
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 theme.js Show response
www.bfitamazing.com/cdn/shop/t/27/assets/ 157 KB
29 KB 69ms
66ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/t/27/assets/theme.js?v=116291210821653663351667084167

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

30cbebde9bc44c8629171efedc723e5c37ec93bb1f510b9d9439a2495dc3646d

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: bbad1fd8-b19a-4567-847d-bc94d109f51d-1715635522
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 13478665
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYFbq4jmidrlY1164O9mH%2BhbAUGtSA5acKQOAXdYgWT4YnhrvZGNwUgRbirsrUPPGpbCsJ%2B8hMDuxq3QoK81ThKadVrVRn0um7DlGgyAXxWHn9leWSodCBWCpmTAwg%2BogpMSgRI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=118.156, imageryFetch;dur=61.495, cfRequestDuration;dur=29.999971, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 21:25:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/t/27/assets/theme.js>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4188142e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29115
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 custom.js Show response
www.bfitamazing.com/cdn/shop/t/27/assets/ 90 B
1 KB 196ms
194ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/t/27/assets/custom.js?v=183944157590872491501667084166

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

20e3f78641278b57ca2499f3d2a2bbb7c564cb72c6290851d3e91ec18885a137

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 1d6f4810-9869-4a58-a1e6-7b1156aaff14-1715645142
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 13468934
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZkWnsj7tZYNWW9AAI7BcDLZ6jVLEk%2BpzNOoSRMyceInlBVCK%2BHZiJKiP%2Bx4kOSYEm2LnpD4hNLH%2FSel5Zj28CeXO%2BhGuuUOUq0fVfoD2VvSw1uuztIgh%2BKVbggF3TFhORcsb30%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=125.997, imageryFetch;dur=99.852, cfRequestDuration;dur=22.000074, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 14 May 2024 00:05:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/t/27/assets/custom.js>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4188242e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 90
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 sca.affiliate.data.js Show response
www.bfitamazing.com/cdn/shop/t/27/assets/ 470 B
1 KB 196ms
194ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/t/27/assets/sca.affiliate.data.js?v=162055746238485294401667084167

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

443aa67e34ea17fd30448470318c93545e09089376a98284d8fca90b903fa2c1

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: aefa3ce4-67b0-4e36-8e4f-81473bfd0cc2-1715627442
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 13486998
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tg0BocabteEGLtkaSTP%2B8joX6%2FNLY0z4pYz8oNTHYL23E98LtUnqpJGF1MWjCzRs%2BAlkqQWbo2Q%2BMHPtFoRz2iYx7l5lFgikTJkXlj8IxZhLUmHdC29gDO8rWGn%2FHiu%2FoWlXmiM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=158.101, imageryFetch;dur=137.200, cfRequestDuration;dur=19.999981, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 03 May 2024 17:57:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/t/27/assets/sca.affiliate.data.js>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4188342e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 182
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/QArDbk/ 7 KB
3 KB 306ms
252ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7769261830400ef639663fd747fb7e8bd78bab9f6da70e7366bd5bfd297e2b9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: "af7392d34cc714029c286359dcc9fe63"
age: 0
access-control-allow-methods: GET
x-cache: MISS, MISS
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: application/javascript
x-served-by: cache-lga21959-LGA, cache-yul1970078-YUL
x-cache-hits: 0, 0
access-control-allow-headers
vary: Accept-Encoding, Accept-Language, Cookie
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
cache-control: max-age=1, stale-while-revalidate=10800, stale-if-error=86400
x-timer: S1729114440.379142,VS0,VE230
access-control-allow-credentials: true
allow: OPTIONS, GET
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2299
content-language: en-us
server: nginx

GET
H2 200 section-feed.js Show response
cdn.shopify.com/extensions/8cf6ad82-dd66-4224-aa48-5226ca754f1d/maestrooo-section-feed-7/assets/ 30 KB
5 KB 79ms
32ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/8cf6ad82-dd66-4224-aa48-5226ca754f1d/maestrooo-section-feed-7/assets/section-feed.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3da35fa622f089b4303970e070e9a45461bd1f8c486731641575e2312e940d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 5850e8fa-1366-45a5-8f7e-379fff8ee633-1728529291
content-encoding: br
cf-cache-status: HIT
age: 585146
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ecQyZ%2FqFg7w0V6JXST4B7iDPg%2BparQHxWvGZgoep7TVw17TTL9vKEG8s%2FnNlJJlfX6Z%2BOhgZq2kXCWqesAjNFDLM7R0nB4AkzVZVL9KkY2CPiXmO53uWX%2F%2BXC%2FgapZntG9kNp7YC%2BFJy%2B%2Fr4kA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=68.726, imageryFetch;dur=67.108, cfRequestDuration;dur=15.999794, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 03:01:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/extensions/8cf6ad82-dd66-4224-aa48-5226ca754f1d/maestrooo-section-feed-7/assets/section-feed.js>; rel="canonical"
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2ba45da1a2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4011
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 shopify-perf-kit-1.0.0.min.js Show response
www.bfitamazing.com/cdn/shopifycloud/perf-kit/ 18 KB
6 KB 207ms
206ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shopifycloud/perf-kit/shopify-perf-kit-1.0.0.min.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

0339974e1ad182755334d2ed3f5e266d7e146ed05f118b49a9c104b330fd9034

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 6504f86d-dac1-49ee-97ec-247221c60e5f-1724866205
content-encoding: br
cf-cache-status: HIT
age: 666398
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vhbtLXUW2RK0Np4Ldx9eBTAr%2BgLuvMv3TAqmOWgVD6G%2BZtBi%2F2ckEGt2YWonEQBjOv9wrwzXeB2tWMfWbLkl4OtTjJAZ0GK8EIz%2BEZ%2FTJ%2FYXHSVpeSL6AeMDUHR%2B8PcpcKbdco%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=87.457, imageryFetch;dur=71.623, cfRequestDuration;dur=16.000032, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 28 Aug 2024 17:30:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/perf-kit/shopify-perf-kit-1.0.0.min.js>; rel="canonical"
cache-control: public, max-age=31536000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4188442e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5736
x-xss-protection: 1; mode=block
x-sorting-hat-podid: -1
server: cloudflare

GET
H2 200 2_1_180x.png
www.bfitamazing.com/cdn/shop/files/ 3 KB
4 KB 40ms
39ms Image
image/avif 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/2_1_180x.png?v=1661197255

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4550d9663af4d6f309c0801f8fc39d99c6efac7af4f36538d336e48d61c2f5a8

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: d0664775-aa36-4314-87aa-824032385a86-1725363363
access-control-expose-headers: *
cf-cache-status: HIT
age: 27497
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QbNZj9wkbmrekmACebJ2KzV6gaghZbCCE0TPd80wU0BHghDmzUMaPbL%2FTaQi%2BGOLqyYbM5qf2DcmRbvSEEO8o4zMYSpaApLQU7NbYZcnGCzqgsowcyaqIdhMgZkh6LY9OOUeM91vSykgMUuicB7TlZ0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=265.392, imageryFetch;dur=102.571, imageryProcess;dur=161.788;desc="image", cfRequestDuration;dur=19.999981, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/png
content-type: image/avif
vary: Accept, Accept-Encoding
last-modified: Tue, 03 Sep 2024 11:36:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 22777
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba35f49a2d2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3294
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H2 200 seamless_2_1x1.jpg
www.bfitamazing.com/cdn/shop/files/ 704 B
2 KB 40ms
40ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/seamless_2_1x1.jpg?v=1661254290

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d5faf1a33d111264fb6ef858eee867d64611f91fc3e033db07d322fbdfa340

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: eee77070-3fa1-463c-b6bd-f564e957bf97-1726794454
access-control-expose-headers: *
cf-cache-status: HIT
age: 508763
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEs5FY%2Bi5luu1Vnr33pNEHQgshZQ8SLj1wJ3XrXjtAlbz3GVnP5jU9aC6HEMEY1CcVSqoKWCxTxjgcPpVGIeXJtqeT2z3PAsry7zx1f7jx0LkGYr7r%2BUZGf6SHPJnr132U0BFsi2yIEtRjQi%2FRh2euo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=354.748, imageryFetch;dur=109.189, imageryProcess;dur=92.057;desc="image", cfRequestDuration;dur=22.000074, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Fri, 20 Sep 2024 01:07:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 935861
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba35f4ba2d2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 704
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 3_1x1.jpg
www.bfitamazing.com/cdn/shop/files/ 692 B
2 KB 43ms
42ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/3_1x1.jpg?v=1661106972

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d2b291648a1d42780b0044c40578a04c3f7e117284720ec3129c55b9c4acd6bd

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: ba7e01c5-f7f6-45f0-8516-58bedb5da3fb-1715642962
access-control-expose-headers: *
cf-cache-status: HIT
age: 13467353
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qX8cXYhFoJzDCR7yQh69oRxfse%2BzXxoGZ9lvIt4iQaH%2F3aKyJXn87eGiHc9JsKwRUcsNh097iSFMcpv6i9Sktp%2Fs6c5pi1KxI4cHXe%2BB0%2B2mKuNoQd0h5024lVEGEtIsrq6wbb4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=157.425, imageryFetch;dur=99.379, imageryProcess;dur=56.571;desc="image", cfRequestDuration;dur=16.999960, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Mon, 13 May 2024 23:29:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 649358
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba3b81d42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 692
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H2 200 price-widget Show response
widget.sezzle.com/v1/javascript/ 123 KB
32 KB 103ms
38ms Script
text/javascript 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/javascript/price-widget?uuid=7f8153a3-9e4c-481d-b883-6eb290dab582

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c38660534a219103f17b924d13d0f0e67554bbda1b4b45e45ef48d1d390c020d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
cache-control: public,max-age=1800
content-encoding: gzip
age: 1597
x-content-type-options: nosniff
via: 1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: kmIERKyLfFbhWCP4L2ueLWhBC8nVoEkoYS4K1v1hYjAbEPGIhIQo_w==
date: Wed, 16 Oct 2024 21:07:23 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 sezzle-checkout-button-asset.js Show response
www.bfitamazing.com/cdn/shop/t/27/assets/ 4 KB
2 KB 46ms
46ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/t/27/assets/sezzle-checkout-button-asset.js?v=86677476294945728171667084167

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b183b15cf4982eeae148cf6f04840c22870d7f0ff9766e2b73e1f01bf1b989c7

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 5433daa2-fa0f-42ff-98b2-476465699e5d-1715621183
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 2298962
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcOXjgd9HTMx7WhvGz8JbXPZJLPanF%2BeWMr1%2BUQBhT08bCyEikj9jI6nnZlDUBnU5IkcqvWCkyLzFudFN8SY6zE0tnUZi9qGa7MkkTiPcNydygpV5NslYDmyXHTeMY30b1zexkQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=93.216, imageryFetch;dur=67.771, cfRequestDuration;dur=16.000032, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 13 May 2024 17:26:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/t/27/assets/sezzle-checkout-button-asset.js>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba3f86142e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1365
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H2 200 triplepx.txt Show response
triplewhale-pixel.web.app/ 104 KB
35 KB 61ms
17ms XHR
text/plain 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://triplewhale-pixel.web.app/triplepx.txt?-19213

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fd5176567526e8f17282da8e6dad1600f84c5f04021c64efde95e9f82e7e78fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

access-control-max-age: 3600
content-encoding: br
etag: "b63d53e14a681957bdcfb67e3af4a6be28d25176bed8b05bd708869164f85529-br"
access-control-allow-methods: GET, POST, DELETE, OPTIONS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/plain; charset=utf-8
last-modified: Tue, 15 Oct 2024 13:41:53 GMT
x-served-by: cache-yul1970075-YUL
x-cache-hits: 116
access-control-allow-headers: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
cache-control: max-age=3600
x-timer: S1729114440.306126,VS0,VE0
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35115

GET
H3 200 bf89442e3w5976a1a5pcc3547ffmf63603f5m.js Show response
www.bfitamazing.com/cdn/wpm/ 123 KB
41 KB 208ms
206ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

bf41a7b9f94976331005fe1f97a3194ddefc3a976d82b57b2e38e5f0f7ea3f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 9af7bb80-e06b-42b0-bd44-f613a3ecc4cd-1729086907
content-encoding: br
cf-cache-status: HIT
age: 27532
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D2bYS5HBsFDg%2BFzCZMsdn7nmOqnaoSzP4LeRB%2FbmlNCYZMmUA2FIOG0e9wDpAhi7gNJDL%2FZkDoB1paODnMtzBb5486XYNWx9CLv1%2BPnnXDO9UKQ2iIotxEZMB2UlIvhVVkvBF78%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=78.154, imageryFetch;dur=67.034, cfRequestDuration;dur=19.000053, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 13:55:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js>; rel="canonical"
cache-control: public, max-age=31536000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4188542e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41542
x-xss-protection: 1; mode=block
x-sorting-hat-podid: -1
server: cloudflare

GET
H3 200 trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js Show response
www.bfitamazing.com/cdn/s/ 114 KB
25 KB 253ms
251ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/s/trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

a3c053d11506f3f1ef0795f89739c8a0f99e4e2d50fc05205b4ec0a818a32c57

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 396c52c1-c55d-4839-b2bb-1e6998a15a18-1729086039
access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
age: 165
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvnU2mu71FH64gIyscZuyhOcQJ%2Bb0NJ0wjtY5hOFQFiZT2E5uKx63ImU4h3wSGoiPDFKJN05rgYIvi%2FOxa%2FUa5f%2FaeWox6aEDVDlWbZB%2Bb4X6z%2F0PzlwJdyLFXJ4UoLSpcdFeAc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=162.663, imageryFetch;dur=156.027, cfRequestDuration;dur=16.999960, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 13:40:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js>; rel="canonical"
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31536000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4188642e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24291
x-xss-protection: 1; mode=block
x-sorting-hat-podid: -1
server: cloudflare

GET
H3 200 shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js Show response
www.bfitamazing.com/cdn/shopifycloud/shopify/assets/ 8 KB
3 KB 277ms
276ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 491ac3ca-3923-43c9-957f-4b7334e660e5-1728024449
content-encoding: br
cf-cache-status: HIT
age: 79674
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgJfEICK3ZJG9r9ZQQs6ZxdgTKhc%2F%2BJBD6YPOXCO%2FF7oruXd%2FaxbAzOmfXkHj0%2FR%2Flr1xzD5Y32U6L%2FB5ihU8MrrE%2BxItSP%2BC7ferbHcmHpcRRhyDu%2BbjskJkjMIcstZnu%2FbDps%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=35.052, imageryFetch;dur=28.785, cfRequestDuration;dur=16.999960, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 04 Oct 2024 06:47:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js>; rel="canonical"
cache-control: public, max-age=31556952, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4188842e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2640
x-xss-protection: 1; mode=block
x-sorting-hat-podid: -1
server: cloudflare

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
www.bfitamazing.com/cdn/shopifycloud/boomerang/ 61 KB
19 KB 45ms
42ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

468e777478117be830b202b97cdf0304bee6f3d9fd4cb1ce70650ed93b7fa4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 9e2c89f4-82d5-4d13-9813-196de33a15bf-1719500514
content-encoding: br
cf-cache-status: HIT
age: 482676
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QbOma60%2B2GLA0594eHl%2FuE3vHz4ZRpZt%2BIl8vYTUiJOJDmUTJNQawuuZ%2FxNHrLd6I5kPKGhlGGMiaU1Fl%2FBgw9IKeXVDqSaAyrkbBmrPCuopestPxJWQ%2BXjuQo6rZViIqqXNoFc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=48.792, imageryFetch;dur=34.364, cfRequestDuration;dur=15.999794, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Thu, 27 Jun 2024 15:01:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4187b42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18578
x-xss-protection: 1; mode=block
x-sorting-hat-podid: -1
server: cloudflare

GET
H3 200 montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2
www.bfitamazing.com/cdn/fonts/montserrat/ 22 KB
23 KB 269ms
268ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/fonts/montserrat/montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2?h1=YmZpdGFtYXppbmcuY29t&h2=YW1hemlnaGxkLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=88c34c028d5da3c1bb622737eff8cf617617537c20f82229848495cb115f56b5

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: ca92f93f-6f0b-4fe9-a0f7-f7920019336a-1728106817
cf-cache-status: HIT
age: 657712
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Ii0t3%2F9biuBgnAoTAdluOP6wdeRkRHWzV9mhrk6qXhx1AdM90OPtRZ2iWVhR6RqqLOGmsjmWR0yW6dVXZYIvlMs0Y8mIWe8wvbQisWF2tl9DUvnbXkp7TPSd4gQ7pR7%2B0fvCR4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=96.992, imageryFetch;dur=96.526, cfRequestDuration;dur=16.000032, ipv6, cfRequestDuration;dur=31.000137, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: font/woff2
last-modified: Sat, 05 Oct 2024 05:40:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=2629800, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4288e42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22716
x-xss-protection: 1; mode=block
server: cloudflare

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 checkout-button-renderer.min.js Show response
cdn.shopify.com/extensions/5aa89fcf-d1f1-4cb2-bffc-bf112dd10e05/sezzle-widget-121/assets/ 2 KB
1 KB 44ms
33ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/5aa89fcf-d1f1-4cb2-bffc-bf112dd10e05/sezzle-widget-121/assets/checkout-button-renderer.min.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a74f4a719e2aeec87d3a9deae04383c434484d9f6c45ad6c3e0522dd1af253a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 512f3a98-357b-4a56-a50f-367dfa558942-1728582428
content-encoding: br
cf-cache-status: HIT
age: 78269
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ke2e0rpFxybVEpefXuywITus6TInzGVbhpCebottUSXAPRnNGzfFSM%2F%2By6%2BQB1mdMINL1OXNGi4N8vUmK%2B4Lsw6tkVL2yud8dFQJJdzXTKnD4KhGHkycSPuICk8iLTK3QzS1bOcgXU%2BIFj7QEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=273.384, imageryFetch;dur=29.677, cfRequestDuration;dur=13.999939, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 17:47:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/extensions/5aa89fcf-d1f1-4cb2-bffc-bf112dd10e05/sezzle-widget-121/assets/checkout-button-renderer.min.js>; rel="canonical"
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2ba45da3a2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 915
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 widget-renderer.min.js Show response
cdn.shopify.com/extensions/5aa89fcf-d1f1-4cb2-bffc-bf112dd10e05/sezzle-widget-121/assets/ 2 KB
1 KB 45ms
35ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/5aa89fcf-d1f1-4cb2-bffc-bf112dd10e05/sezzle-widget-121/assets/widget-renderer.min.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3774c935fed760f49fdb7cef27ce2db9c3b5facc81e9c464c78ec48a0c777bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 629e3933-330e-400d-9877-a2b6cc86be15-1728466560
content-encoding: br
cf-cache-status: HIT
age: 11187
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJ5QSUla7XvZWehMs4lmF%2BzRQfaQFC7MB7%2BsT43VOUzYPBViRwcXh265vNnZYINAyK4OBVPbgcEFOVtjUzCn1gEvJ0KwFlTQQelsjsAPcWVC2ytPPtE7se6SwgYV%2Fe%2BDvll7mHzoIRXNV6seng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=358.961, imageryFetch;dur=34.326, cfRequestDuration;dur=16.000032, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 09 Oct 2024 09:36:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/extensions/5aa89fcf-d1f1-4cb2-bffc-bf112dd10e05/sezzle-widget-121/assets/widget-renderer.min.js>; rel="canonical"
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2ba45da4a2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 814
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 seamless_2_1x1.jpg
www.bfitamazing.com/cdn/shop/files/ 704 B
0 1ms
1ms Image
image/webp 2620:127:f00f:e::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/seamless_2_1x1.jpg?v=1661254290

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:e:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d5faf1a33d111264fb6ef858eee867d64611f91fc3e033db07d322fbdfa340

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: eee77070-3fa1-463c-b6bd-f564e957bf97-1726794454
access-control-expose-headers: *
cf-cache-status: HIT
age: 508763
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEs5FY%2Bi5luu1Vnr33pNEHQgshZQ8SLj1wJ3XrXjtAlbz3GVnP5jU9aC6HEMEY1CcVSqoKWCxTxjgcPpVGIeXJtqeT2z3PAsry7zx1f7jx0LkGYr7r%2BUZGf6SHPJnr132U0BFsi2yIEtRjQi%2FRh2euo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=354.748, imageryFetch;dur=109.189, imageryProcess;dur=92.057;desc="image", cfRequestDuration;dur=22.000074, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Fri, 20 Sep 2024 01:07:34 GMT
source-length: 935861
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba35f4ba2d2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 704
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 6_1x1.jpg
www.bfitamazing.com/cdn/shop/files/ 698 B
2 KB 268ms
267ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/6_1x1.jpg?v=1661106972

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d006c54a029c959c5d071460f27253c76afef2353be4c685a741487b2e0cfa41

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 05e2181b-5b4e-42f3-ac16-f600e7f2106d-1715629827
access-control-expose-headers: *
cf-cache-status: HIT
age: 13467350
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=agT%2BTNgil7%2F0HI1HBDu%2BkUT3jJpQ7qXrp%2BE3ErhInRtZcKQxBsWK%2Bvf%2F4ITzGflErmhpww6LNbBHOtKJtff60BDX4at0Xy7TnkPX5StNcQPN3XELp0QvQ4UsXXrzQ58nuhjuTKY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=136.744, imageryFetch;dur=75.407, imageryProcess;dur=58.852;desc="image", cfRequestDuration;dur=19.999981, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Mon, 13 May 2024 19:50:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 596566
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba448b442e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 698
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 pexels-lloyd-james-11588005_07ee7824-4064-49cb-b1fa-a63f8c24f965_1x1.jpg
www.bfitamazing.com/cdn/shop/files/ 694 B
2 KB 269ms
268ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/pexels-lloyd-james-11588005_07ee7824-4064-49cb-b1fa-a63f8c24f965_1x1.jpg?v=1660675183

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

892e2e7753150d401738d32596d2002f0bd4f72732da65cf95d8a796cff7d8b2

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: f7d80df2-991c-43ef-9d3b-8ee997ec4d12-1715642471
access-control-expose-headers: *
cf-cache-status: HIT
age: 13467422
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZwkYf06bElLqqEunJQjKS4WSI4HlKDWDZBlgPe1Wr8QgkbcFZvm9GLNyyPC9Bpv7JzB1p252BYXEws0ZizdISl1YJKG8%2BsNKsNZGarfLZn8fvHBUjruNoi4F2E9ACovKP%2FV3wsk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=531.873, imageryFetch;dur=127.740, imageryProcess;dur=403.012;desc="image", cfRequestDuration;dur=19.999981, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Mon, 13 May 2024 23:21:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 850947
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba448b642e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 694
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 4_0ecf66e1-1c8c-4113-a17f-e83bc1654491_1x1.jpg
www.bfitamazing.com/cdn/shop/files/ 698 B
2 KB 269ms
268ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/4_0ecf66e1-1c8c-4113-a17f-e83bc1654491_1x1.jpg?v=1661123650

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

74296de1f373b34282073f19bdc74d2992a036721c4541992443b879c47b7c35

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: afce0fa3-5c87-41d9-bd0f-fba86b90fbd3-1715643906
access-control-expose-headers: *
cf-cache-status: HIT
age: 13467349
x-dc: gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cg%2Fm43Kjpts2KxHaRJqQRagrEslpSr9aPgFN3JjwFAGmm9nfJwqHzUStyEj%2Fi3MHtoXhUcgpZ2Ksejv8gcxyqKKIBWK7o5O34U%2Bd%2Fa4PKxz2BbsolI00%2FUoG%2F6JHaF7VvwRM8bE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=204.286, imageryFetch;dur=132.288, imageryProcess;dur=69.787;desc="image", cfRequestDuration;dur=17.000198, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Mon, 13 May 2024 23:45:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 450401
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba448b742e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 698
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 joggers_1x1.jpg
www.bfitamazing.com/cdn/shop/files/ 700 B
2 KB 270ms
269ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/joggers_1x1.jpg?v=1661106972

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

f8a6da3f23efa5d729d1cb8ac8da43bab8f3ec27583974f961dc154c77c59613

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: cf0d8bc1-4c02-462f-b93e-26026d10e65a-1715640955
access-control-expose-headers: *
cf-cache-status: HIT
age: 13467348
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cgor5QHzP6W54jJcvCkfgbmhfANlAN8JwrEjOmqhu05OEXt5P%2BT6rBBhm7hp2Lzj1sMzLB2uR3TO2KkiZ776oEhBxt3KgmQtYZb4etjHR8AduIWhhbGcRR9ltuphRJjYNT%2BrdZY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=337.876, imageryFetch;dur=102.348, imageryProcess;dur=61.482;desc="image", cfRequestDuration;dur=16.000032, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Mon, 13 May 2024 22:55:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 897691
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba448b842e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 700
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 montserrat_n7.c496e9cf2031deec4c4bca338faa81971c8631d4.woff2
www.bfitamazing.com/cdn/fonts/montserrat/ 22 KB
23 KB 261ms
261ms Font
font/woff2 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/fonts/montserrat/montserrat_n7.c496e9cf2031deec4c4bca338faa81971c8631d4.woff2?h1=YmZpdGFtYXppbmcuY29t&h2=YW1hemlnaGxkLmFjY291bnQubXlzaG9waWZ5LmNvbQ&hmac=68a0256cd16b23e63deaee01a2f32b8b038690783a8c9cd61bdad8a590e6e5c4

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

b59d5f1c395f6c6931df5d01e7de4086834c7098cdfd6d043fb5199b5dae2236

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: d9bbebec-d299-40ab-883e-2e17f04752a8-1728019494
cf-cache-status: HIT
age: 487115
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gguwt%2Bw96npmAt%2Bp1D5RAtMYAUBVRJGq4l8iItxnCnqj38C0%2B6%2BKwTdeB7HG3GLHC9UWB3teGeG6w2xYiVr%2BBIlOAeXWL1bwnD3c%2FOUcrjNtnRPGNMTN49dxi2b1JNEO26YvbWA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=101.167, imageryFetch;dur=100.898, cfRequestDuration;dur=8.000135, ipv6, cfRequestDuration;dur=25.000095, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: font/woff2
last-modified: Fri, 04 Oct 2024 05:24:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=2629800, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba458bf42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22736
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 127ms
125ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: widget.sezzle.com
URL: https://widget.sezzle.com/v1/javascript/price-widget?uuid=7f8153a3-9e4c-481d-b883-6eb290dab582

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: e44L-lZQVr550qEBK7Hl0bQUaz6XSvdCIAlrjShf9xa3Z6Eyf5WoOw==
date: Wed, 16 Oct 2024 21:34:00 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 log
widget.sezzle.com/v1/event/ Frame 0
0 85ms
34ms Preflight 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bfitamazing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Authorization, Content-Type
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 50
age: 1597
content-length: 0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Wed, 16 Oct 2024 21:07:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
x-amz-cf-id: IvtlXQy-x68mU1JduOk5JxfGO2_APg9uGJYZCkchrYFTS_Ut-qDPFg==
x-amz-cf-pop: JFK50-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 124ms
123ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/shop/t/27/assets/sezzle-checkout-button-asset.js?v=86677476294945728171667084167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 0u3xdSBkn6O3nvgCvzxYzCfz3QldeUjWQKTDgCdUnxiPynyQytc9eQ==
date: Wed, 16 Oct 2024 21:34:00 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 log
widget.sezzle.com/v1/event/ Frame 0
0 80ms
34ms Preflight 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bfitamazing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Authorization, Content-Type
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 50
age: 1597
content-length: 0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Wed, 16 Oct 2024 21:07:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
x-amz-cf-id: RRbVs0aOzy4CkyGohd7hOC5RR-4TAw05UrjJXPKNie-T94hCkbU0fg==
x-amz-cf-pop: JFK50-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 sezzle-checkout-button.min.js Show response
checkout-sdk.sezzle.com/ 55 KB
19 KB 96ms
28ms Script
application/javascript 2600:9000:28b2:2800:0:8879:1f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout-sdk.sezzle.com/sezzle-checkout-button.min.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/5aa89fcf-d1f1-4cb2-bffc-bf112dd10e05/sezzle-widget-121/assets/checkout-button-renderer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:28b2:2800:0:8879:1f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4f6de0668340817dc2f5add9a31011870ec026672717e78880e35b18b018ac82

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
x-amz-version-id: qsqkbiwDwd0ScKE37_1w4QZklRi0GV09
etag: W/"e8fcd4bfdb374726b8e1887921be33ce"
age: 719
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: TwDt2a1QiFzhNeBRQPiw1waBcfQqzIs6n6iu8lKTnsdn8Fr-k3yLXQ==
date: Wed, 16 Oct 2024 21:22:02 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 15:35:00 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
cache-control: max-age=31536000,public
via: 1.1 722941ea5f2183d4a12262e95ff19d7a.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block;
x-amz-cf-pop: JFK52-P8
x-amz-server-side-encryption: AES256

GET
H2 200 price-widget Show response
widget.sezzle.com/v1/javascript/ 123 KB
32 KB 31ms
29ms Script
text/javascript 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/javascript/price-widget?uuid=7f8153a3-9e4c-481d-b883-6eb290dab582&theme_store_id=null&theme_name=Prestige&block_type=embed

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/5aa89fcf-d1f1-4cb2-bffc-bf112dd10e05/sezzle-widget-121/assets/widget-renderer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c38660534a219103f17b924d13d0f0e67554bbda1b4b45e45ef48d1d390c020d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
cache-control: public,max-age=1800
content-encoding: gzip
age: 1597
x-content-type-options: nosniff
via: 1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: sLAgp_AYSKqUkoG5fj4L-Bw5zmEE__gzoA9j6gg78xSrqAxAAu1Efw==
date: Wed, 16 Oct 2024 21:07:23 GMT
x-xss-protection: 1; mode=block;
content-type: text/javascript
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 seamless_2_1600x.jpg
www.bfitamazing.com/cdn/shop/files/ 165 KB
166 KB 189ms
188ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/seamless_2_1600x.jpg?v=1661254290

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

6cba8af2349025da789b0cb1d647df9fbb0f944f5af1c27198afc12cfcfcab4d

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: a12627b6-b705-4303-87fb-b4e2ca0036b6-1726804962
access-control-expose-headers: *
cf-cache-status: HIT
age: 14012
x-dc: gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ZeHQPD%2Ff7qxZo9v2cG5catOUdIo0PPFrQsQ%2FbLGWp2I4KK3btn3x7eE6T16DdGxrBxKMzjyRQahaBi%2BYVKg4MLfVwm1owyp%2FIwue6yE%2BkkPM5IEJ6tXems1LvTOfGUaZMyoVfA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=869.321, imageryFetch;dur=196.311, imageryProcess;dur=671.131;desc="image", cfRequestDuration;dur=19.999981, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Fri, 20 Sep 2024 04:02:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 935861
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba4f99a42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 168904
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H3 200 3_1x1.jpg
www.bfitamazing.com/cdn/shop/files/ 692 B
0 0ms
0ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/3_1x1.jpg?v=1661106972

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

d2b291648a1d42780b0044c40578a04c3f7e117284720ec3129c55b9c4acd6bd

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: ba7e01c5-f7f6-45f0-8516-58bedb5da3fb-1715642962
access-control-expose-headers: *
cf-cache-status: HIT
age: 13467353
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qX8cXYhFoJzDCR7yQh69oRxfse%2BzXxoGZ9lvIt4iQaH%2F3aKyJXn87eGiHc9JsKwRUcsNh097iSFMcpv6i9Sktp%2Fs6c5pi1KxI4cHXe%2BB0%2B2mKuNoQd0h5024lVEGEtIsrq6wbb4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=157.425, imageryFetch;dur=99.379, imageryProcess;dur=56.571;desc="image", cfRequestDuration;dur=16.999960, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Mon, 13 May 2024 23:29:22 GMT
source-length: 649358
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba3b81d42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 692
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H2 200 media Show response
d3ejra0xbg20rg.cloudfront.net/instagram/ 15 KB
5 KB 1544ms
1371ms Fetch
application/json 2600:9000:28b2:e200:13:39e7:1700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ejra0xbg20rg.cloudfront.net/instagram/media?shop=amazighld.myshopify.com&resource=default
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/8cf6ad82-dd66-4224-aa48-5226ca754f1d/maestrooo-section-feed-7/assets/section-feed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:28b2:e200:13:39e7:1700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / PHP/8.1.12
Resource Hash: fbb91ff03cc055902dea0e6e1b0a9d414a3040e57d5077480333b9a19336fb15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

cache-control: max-age=1800
content-encoding: gzip
x-amz-apigw-id: fwyjbHJljoEEYaQ=
x-amzn-trace-id: Root=1-67103148-674d179a2c4f8a6842fa0352;Parent=17cd18c8a68160b3;Sampled=0;Lineage=1:418c10ca:0
x-amzn-requestid: ddbd0823-207f-4411-8f4d-d62072133533
via: 1.1 97713e58966a50f0173f1cdb4e67aea0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 4316
x-amz-cf-id: bLXra28thsDndNJBRayQ_3TcmAcmjm9ZqPiUvphIJhWPz4ZPwU94yQ==
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: application/json
x-powered-by: PHP/8.1.12
x-amz-cf-pop: JFK52-P8

GET worker.modern.js
www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/web-pixel-182780177@4fd0680eed907adaf3f85849c393d688/sandbox/ Frame 0
0

GET worker.modern.js
www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/web-pixel-12976401@bb41bf091d86ec09beb5141ead6fafc0/sandbox/ Frame 0
0

GET worker.modern.js
www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/web-pixel-shopify-app-pixel@0220/sandbox/ Frame 0
0

GET
H3 200 pixel.modern.js Show response
www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/app/web-pixel-812417297@a46b87f88a4ff97a9490f9aa4799ba7b/ 12 KB
5 KB 244ms
244ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/app/web-pixel-812417297@a46b87f88a4ff97a9490f9aa4799ba7b/pixel.modern.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

856660aad236f69c3a5b7ec40674e38ebbbd095533a235c28e8b85cee9c1b261

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-robots-tag: noindex, nofollow
x-request-id: 397698a3-8344-41ca-a213-192741f37da9-1729086943
content-encoding: br
cf-cache-status: HIT
etag: "cacheable:037f7abec556e2b5d26eb92710ed9fae"
age: 25484
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40VgTCn723L6D25TmXKpPY1z1VlVCBNnTxFQX6nh9yjiKE6aYl2R7YF0zoK%2FrFIgvuhke416BnxBvu7i4gD%2Fn%2FN73G6Dc1XUOC%2BBMs%2BNcIVEj%2FECXzE9QJWLULTuddQdkBNvZ8I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: processing;dur=33, db;dur=5, db_async;dur=8.783, asn;desc="577", edge;desc="YUL", country;desc="CA", servedBy;desc="nrjl", requestID;desc="397698a3-8344-41ca-a213-192741f37da9-1729086943", cfRequestDuration;dur=25.000095, cfExtPri
x-cache: miss
alt-svc: h3=":443"; ma=86400
content-type: text/javascript; charset=utf-8
x-shopify-nginx-no-cookies: 0
cache-control: max-age=31536000, public
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
content-language: en
x-shopid: 14188380214
server: cloudflare
powered-by: Shopify
x-permitted-cross-domain-policies: none
date: Wed, 16 Oct 2024 21:34:00 GMT
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=7889238
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba61ab242e4-EWR
x-shardid: 272

GET
H3 200 pixel.modern.js Show response
www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/app/web-pixel-267059473@8b3843af2d71780cfb83fdde884ce168/ 5 KB
2 KB 244ms
243ms Script
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/app/web-pixel-267059473@8b3843af2d71780cfb83fdde884ce168/pixel.modern.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

ad093efc6d2cd6df2b7563140acf51f71072b8a650b900ad0007f61d42ae8128

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-robots-tag: noindex, nofollow
x-request-id: 6801e7b1-2f8a-46e9-99ba-397d92e25af0-1729086943
content-encoding: br
cf-cache-status: HIT
etag: "cacheable:23c79362e7a81cd8c7dc1a7976d9d275"
age: 25484
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2u8e9vO3wyBUJ3LEwv3noExY5H4gu%2BNUrFxutsXHEoQG0OxiiFadXaE6eHZRyuDqEuqibtLewkA1sJmPOgVbqharxlwRgVhy39Jp7edqTSOoqS4B62ziDGBk%2B5Kca8YHkteXUFI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: processing;dur=22, db;dur=5, db_async;dur=6.581, asn;desc="577", edge;desc="YUL", country;desc="CA", servedBy;desc="vfdw", requestID;desc="6801e7b1-2f8a-46e9-99ba-397d92e25af0-1729086943", cfRequestDuration;dur=19.999981, cfExtPri
x-cache: miss
alt-svc: h3=":443"; ma=86400
content-type: text/javascript; charset=utf-8
x-shopify-nginx-no-cookies: 0
cache-control: max-age=31536000, public
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
content-language: en
x-shopid: 14188380214
server: cloudflare
powered-by: Shopify
x-permitted-cross-domain-policies: none
date: Wed, 16 Oct 2024 21:34:00 GMT
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=7889238
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2ba61ab542e4-EWR
x-shardid: 272

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 128ms
127ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: Q8ztrB5dBSLcYb4-8UZR-EsoxYD1B6IqZS7uGvHIZwhKhrIygGz9uA==
date: Wed, 16 Oct 2024 21:34:00 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 /
www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/custom/web-pixel-shopify-custom-pixel@0220/sandbox/modern/ Frame 7ABE 0
0 64ms
63ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/custom/web-pixel-shopify-custom-pixel@0220/sandbox/modern/

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bfitamazing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 25484
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: HIT
cf-ray: 8d3b2ba64aec42e4-EWR
content-encoding: br
content-language: en-US
content-security-policy: block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 21:34:00 GMT
etag: "cacheable:b2c29cd78415afc817de33a0646ff215"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccJxf8fI0i5SrTyMy5H6%2F87bhQCvdAy7MGvF8sigxgDePSzjnRQz9FtoIAztAvwbKsz%2F8Guuk8JnnukpW7TL9Ge%2BC6ASoqO5gSUFicsV4yGTTs9EpC18sFu0pbaHYEdRZ9c2R%2F8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=35, db;dur=4, db_async;dur=8.389, edge_cart;dur=1.57;desc="trips=1", asn;desc="21928", edge;desc="DFW", country;desc="US", theme;desc="124299214902", servedBy;desc="pklq", requestID;desc="03afe6e0-367a-479c-adb7-149fe0232eb3-1729087074" cfRequestDuration;dur=17.999887 cfExtPri, earlyhints
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
x-cache: miss
x-content-type-options: nosniff
x-dc: gcp-us-east1,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 03afe6e0-367a-479c-adb7-149fe0232eb3-1729087074
x-robots-tag: noindex, nofollow
x-shardid: 272
x-shopid: 14188380214
x-shopify-nginx-no-cookies: 0
x-sorting-hat-podid: 272
x-sorting-hat-shopid: 14188380214
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 136ms
134ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: XatQoo_mp2qguYB8kb-AA3UvEfjJCTApC7xcGGLOzH62ZLojsfAleg==
date: Wed, 16 Oct 2024 21:34:00 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

POST
H3 200 produce_batch
www.bfitamazing.com/.well-known/shopify/monorail/unstable/ 0
794 B 257ms
253ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/s/trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bfitamazing.com/

Response headers

x-robots-tag: noindex
access-control-max-age: 86400
x-request-id: 1564b08e-0ed2-421f-92e9-3fc24c644a53
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jW5FVw0sje3Aq%2Btn9kPFkJWStaSyn4Cg7yDHb8OBykQ75BVCqovl4jdX5sS7fgOyZyx6Bk9d04HqQe76TfBpqkOz3a43hJcYtvhSxWmCs0xX3nIYrZ4a5USr5O%2BcTLDtHjzCo%2BE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfRequestDuration;dur=54.000139, cfExtPri
date: Wed, 16 Oct 2024 21:34:00 GMT
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-download-options: noopen
cf-ray: 8d3b2ba68b3d42e4-EWR
access-control-allow-origin: https://www.bfitamazing.com
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 101ms
31ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/s/trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

5bbd9766838bf11e3ff360ec5cbb60d6ada352fbad7f7691e24f847313b9b1d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: CV5aps4UlbyhGGwBa0X8qlnsVrVx1lPDSKN+RVPtbbWIYIWzzYeHdvJF8/v3meVEGljLeFLsu2dJ+yIvWbmHWQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
27ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/s/trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
age: 2243
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 22:56:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 20:56:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 130ms
117ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: muQW2ce91H-xZJ0z2XmVk4JN_FKTvyNoarcq3pwq8b0Mml94JFuK5g==
date: Wed, 16 Oct 2024 21:34:00 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

POST
H3 200 produce_batch
www.bfitamazing.com/.well-known/shopify/monorail/unstable/ 0
793 B 247ms
224ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/s/trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bfitamazing.com/

Response headers

x-robots-tag: noindex
access-control-max-age: 86400
x-request-id: 64d43180-2a74-4889-b52b-05b9710dfee9
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QnbtH6ndQpm5ZTU4Yk45YjKfaxr944Q1DcIPrP%2FpT9uTjXUosX2uHrxgVC7Z8BbYPftBm%2B%2BzQNpbaAF4l%2BOnOngOZrcP7t8opBsHecYHglCK7u1ctKo5E3qHLA3aleUA1fGSE2I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfRequestDuration;dur=55.999994, cfExtPri
date: Wed, 16 Oct 2024 21:34:00 GMT
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-download-options: noopen
cf-ray: 8d3b2ba69b5d42e4-EWR
access-control-allow-origin: https://www.bfitamazing.com
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 200 produce_batch
www.bfitamazing.com/.well-known/shopify/monorail/unstable/ 0
792 B 241ms
224ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/s/trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bfitamazing.com/

Response headers

x-robots-tag: noindex
access-control-max-age: 86400
x-request-id: 084fe8c3-3064-46b2-91b3-783833ae8bd4
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2F9VUp6gqD1bNk%2B4m%2B4vIvCa5J65pWMjMJncz31AxWxQCCRAwduOH7rUHk7ip0kadK8NLsexD0CqNoztTyuxbJSBhLLvRpD6Fo8AdX0KOHst2X1voibhin96tEG8rWGIIIq3FmU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfRequestDuration;dur=53.000212, cfExtPri
date: Wed, 16 Oct 2024 21:34:00 GMT
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-download-options: noopen
cf-ray: 8d3b2ba6ab7242e4-EWR
access-control-allow-origin: https://www.bfitamazing.com
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

POST
H3 200 produce_batch
www.bfitamazing.com/.well-known/shopify/monorail/unstable/ 0
799 B 240ms
223ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/s/trekkie.storefront.a8ef5c2c4f1c6e0839c6b8857d0a2edb7d22d961.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bfitamazing.com/

Response headers

x-robots-tag: noindex
access-control-max-age: 86400
x-request-id: dac59969-0e1c-42aa-a635-0c640a6070b8
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XuKEDOD1O7VHhuZFXeMHRAlUWXIjPNBSMG5cGqRcpYI%2BbfgHq8GGb5IDmqDTjR8B5LyZMvoWSNHM%2BdZ7u%2BWfCuTwg%2BfIhku%2FwMINHFoZi29oEVBCat0YTo%2BW9dEsoJiBnCIO9ao%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfRequestDuration;dur=47.999859, cfExtPri
date: Wed, 16 Oct 2024 21:34:00 GMT
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-download-options: noopen
cf-ray: 8d3b2ba6bb8c42e4-EWR
access-control-allow-origin: https://www.bfitamazing.com
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 fender_analytics.673ab9965e3fc6bf229e.js Show response
static-tracking.klaviyo.com/onsite/js/ 33 KB
12 KB 111ms
18ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.673ab9965e3fc6bf229e.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b269ecdca61dbfbd68563737cb9a48ae529c5675fb0b4a5238c6b5142bbd9a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "2703a286624332197de0f01817b5b429"
x-amz-version-id: Iq_PsG9PNvI2rWCodbxdUG3f_VPzrm1J
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Wed, 09 Oct 2024 12:53:58 GMT
content-type: application/javascript
x-served-by: cache-lga21933-LGA, cache-yul1970075-YUL
x-cache-hits: 19, 809
x-amz-id-2: TWswEjbG+WQBZnqZeMgeht+7/+2DmMzKg+vVxmIoNgcd+gBotCR/1980RoF2kOsMAuTVn92RPIA=
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: 80c80f0853a5e2467d4546aa1f90bd1845320f78
x-amz-request-id: 151P150FXG762ESA
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 12133
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 static.8d136cd44b74e8189276.js Show response
static-tracking.klaviyo.com/onsite/js/ 495 B
573 B 112ms
20ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.8d136cd44b74e8189276.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eaa7d84867f4a3f58d1cff2d44b4d4adfcc58072a48d761fe092b7e6172b253

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "264b8a3f80d7760ba761881fd76641fb"
x-amz-version-id: 8LPv.UmQRAdXN8Ae8bYabMPLWju1SgIH
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Tue, 01 Oct 2024 05:26:15 GMT
content-type: application/javascript
x-served-by: cache-lga21934-LGA, cache-yul1970075-YUL
x-cache-hits: 738003, 811
x-amz-id-2: Wgu79tvJYQYffoKns4bEboji+gVWbXNG1AEnBxdZTNhXb9YtjD5rCRyZfCTjj9ygTFfhoaGT/795lBaHlzMqf0Uzwp7rICVC
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: 2513c87ae46cd53c9860f8ca0b525781133483ce
x-amz-request-id: CHZ8ZJ897DD6XQBY
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 280
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 runtime.1e65ec082fc49fef39a9.js Show response
static.klaviyo.com/onsite/js/ 20 KB
8 KB 61ms
19ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.1e65ec082fc49fef39a9.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44c533accdaaf6807e71f3ab9a98402c13cf12abeb5ea8eb4adab04e7ec2a1a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "f2e09b94a4d6bf33f1950986c951a774"
x-amz-version-id: XGc4EU_3Bf6LLUI6qfYO9Ph9jXz.bId0
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Wed, 16 Oct 2024 19:37:46 GMT
content-type: application/javascript
x-served-by: cache-lga21929-LGA, cache-yul1970079-YUL
x-cache-hits: 6, 1006
x-amz-id-2: ErFx4ecKtZufHEu10ujcJiMcVz5OjO/YdswzrUypNBsM+YOaJ5AkGCqsTKPlHX0S9cuaEYPMrbk=
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: c1a79e635af3a7638dd54ab9a86a688ea3cad894
x-amz-request-id: NKWR3PHER6RFVF3N
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 7832
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sharedUtils.3ee3ffff305afeb8e5df.js Show response
static.klaviyo.com/onsite/js/ 49 KB
18 KB 60ms
18ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.3ee3ffff305afeb8e5df.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbbc0bd4a4a39a1230786666756234e6c7067f543dedfaf3dd81265f37bbc3b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "9843a1ee6f5e74afdfa6b5959a03f719"
x-amz-version-id: tPNlUShDCj7jUPAGfoBDhiIwEXAACrH_
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Thu, 10 Oct 2024 16:01:41 GMT
content-type: application/javascript
x-served-by: cache-lga21936-LGA, cache-yul1970079-YUL
x-cache-hits: 29, 945
x-amz-id-2: JVUiYRN3jkdc9ihfmvy/WIbnnhl2SJC2RQWBiLnzCiAn8Y7ER5IX3LsNKbkpYZBK/m5lVE+t/cuJXSjY1IUlJg==
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: f1e4b50f8d027116bc21f84b4a80f6de629060f8
x-amz-request-id: 4HPKEE1V8ZQ49RTX
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 18138
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendors~signup_forms~post_identification_sync~onsite-triggering~customerHubRoot.8c45a4643eee76f6e5c9.js Show response
static.klaviyo.com/onsite/js/ 12 KB
4 KB 59ms
16ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering~customerHubRoot.8c45a4643eee76f6e5c9.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2586e045767a0379e2072dc2fd04a86e9b2514620ffab62af46318aa20e2f01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "bcbe97b98d6018eab1657c41ede222ec"
x-amz-version-id: CHeJZixobA7bY8xqgB4ZDdg7TIWKh3DH
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Tue, 17 Sep 2024 00:20:01 GMT
content-type: application/javascript
x-served-by: cache-lga21944-LGA, cache-yul1970079-YUL
x-cache-hits: 516, 704
x-amz-id-2: lm3rfUGTwtOZX99xyZj3MbC8WrhqsnjVN74hwzF1tEPj/UNivVN4s2Ct3ixrovR5QhPpuKu5POs=
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: 14d6be5bb95b9a416778969a7dd88f4a1d11445f
x-amz-request-id: KTZCXE4A4V1K0H69
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 4100
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendors~signup_forms~client_identity~onsite-triggering.a5132836f59bf0572cba.js Show response
static.klaviyo.com/onsite/js/ 8 KB
3 KB 61ms
19ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms~client_identity~onsite-triggering.a5132836f59bf0572cba.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d702707f2225f15e41a83292f1ae349fabeb590c257526b64abaeaf53c76357

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "ca61644148c891b88f740e4084dd00a5"
x-amz-version-id: vTsCj9Btlf7acx72CGCdfZzbeNldMwc6
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Mon, 07 Oct 2024 20:09:04 GMT
content-type: application/javascript
x-served-by: cache-lga21980-LGA, cache-yul1970079-YUL
x-cache-hits: 41, 710
x-amz-id-2: UVHwzLQKBN9JX7y/LBLknwW6U+1AGLNoOHf+y4zKMBbxpUZsT8jHTjyeI17NMojpYcb+3XdkNvE=
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: 4797febcc7039ef5364e42b10dd8053e52b6f232
x-amz-request-id: NS43G67YMWXM2GVA
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 2922
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendors~signup_forms.ffb16c5d33241b7ebc9d.js Show response
static.klaviyo.com/onsite/js/ 13 KB
5 KB 87ms
46ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.ffb16c5d33241b7ebc9d.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea56502693fda98428697c457b61f6b75a251aa229033d1986cb06f50b5b4c09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "2637231e0e24a8380341f0ec27de82ac"
x-amz-version-id: ELFErkcq.8n8V_pqdd3GoysojQhYfxzO
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Mon, 07 Oct 2024 20:09:04 GMT
content-type: application/javascript
x-served-by: cache-lga21984-LGA, cache-yul1970079-YUL
x-cache-hits: 21, 718
x-amz-id-2: klOf1xHH2gMisCj3o3HTIyRrqP6LF1kUFeHsACIUJypKMuuMnX6QKg/upzUazz5D2yxZd4j8Tlw=
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: 4797febcc7039ef5364e42b10dd8053e52b6f232
x-amz-request-id: NS46SZ4RWX37DRC6
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 4339
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 default~signup_forms~onsite-triggering.53d3566884aa6645184a.js Show response
static.klaviyo.com/onsite/js/ 32 KB
9 KB 63ms
23ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.53d3566884aa6645184a.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7385315ce8ef687578ffaea21652329fb265b61794683454fd49d11c9a18436

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "2e083781105f7ed883abddd4a4170bae"
x-amz-version-id: t2CQWVjcRG5kDBe9Ac7V6A0YOBld.q_6
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Wed, 09 Oct 2024 12:53:58 GMT
content-type: application/javascript
x-served-by: cache-lga21953-LGA, cache-yul1970079-YUL
x-cache-hits: 23, 717
x-amz-id-2: 2hsPiF7Gzd+DVQLOS6DKHQv6u1jclPh1C0ANJXl/4NPk0qbqmmXGwDLLrdHXStgpNSRuawyOxY/u8q7cJGyOYg==
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: 80c80f0853a5e2467d4546aa1f90bd1845320f78
x-amz-request-id: 151KBHZFSA6DQNJ9
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 9358
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 signup_forms.a279a1ac64ac8e3a46a0.js Show response
static.klaviyo.com/onsite/js/ 16 KB
6 KB 62ms
22ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.a279a1ac64ac8e3a46a0.js?cb=1&v2-route=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/QArDbk/klaviyo.js?company_id=QArDbk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 537b1ec6bb5c03f08b46f53ac545641bb18297c32acfdc1978b38494b6890216

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
etag: "1bf263f6ac0c4983f034cecda34d319c"
x-amz-version-id: OQRPEZd4YeEWQQeEI4UbPF8KX8sJbvFc
age: 2400
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:00 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Mon, 14 Oct 2024 22:27:53 GMT
content-type: application/javascript
x-served-by: cache-lga21979-LGA, cache-yul1970079-YUL
x-cache-hits: 14150, 748
x-amz-id-2: Dt6vQivpgt4vC8kPOi9kPHQCg3K0VUQ+ZNfdXPoF2wdlU+UHKKju9Lbq85+/BuIsOQVOxy9Yl54=
vary: Accept-Encoding
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-entrypoints-hash: 3f84039d5c945dfbb74ffb0305ff127b36d39cc8
x-amz-request-id: 9HCN9AZY5FYESG86
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: fender-asset
content-length: 5736
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 116ms
107ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 5R7eSzpgIIo-w2XI7myyMfGpvbp2qeyBEnJt9JUXfqpZUdGKu_jQcw==
date: Wed, 16 Oct 2024 21:34:00 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H2 200 model Show response
conf.config-security.com/ 304 B
867 B 117ms
32ms XHR
text/json 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conf.config-security.com/model
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Flask/Theano
Resource Hash: 85d5ac1d160aef42c670cec3362747ce9452c85a2e3a82e4753a960616e7d93a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bfitamazing.com/

Response headers

cache-control: public, max-age=29030400, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "STtwK1hAIUYpaX51OCdhL31JUFQ7PSZyMHcqey0="
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B20W7TQL7jWNHq96hYw9CX%2FztLDIZxJMfG9H%2BT1gnh4aZg3wbR99%2B8m1qPhKn54LSkndQkWNJT65T4JpuSkPEgLa6J5aeRZh3mqPUkRaJK6uGNmfuzBCCWn1%2BXkqt8uq7bvhYZha13hPOyyhIAYGY5Fe%2FK9spw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d3b2ba73d727144-YUL
access-control-allow-origin: *
content-length: 304
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: text/json
x-powered-by: Flask/Theano
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 999 B
2 KB 906ms
61ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=QArDbk

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f3d1a743cf6932fe03063fabcf867d8dffa59084b63d84edea9922320f8748c9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
Strict-Transport-Security	max-age=900

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

access-control-max-age: 86400
age: 0
access-control-allow-methods: GET
x-cache: MISS, MISS
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-bos4629-BOS, cache-yul1970067-YUL
x-cache-hits: 0, 0
access-control-allow-headers
strict-transport-security: max-age=900
vary: Accept-Language, Cookie
content-security-policy: base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
cache-control: max-age=10
access-control-allow-credentials: true
allow: GET, HEAD, OPTIONS
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 999
content-language: en-us
server: nginx

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v7/QArDbk/ 11 KB
3 KB 889ms
21ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v7/QArDbk/full-forms
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5879d269f2dbd49d4dc19794123d70799fe26f1effa9ed0d90224e26fab3dfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

access-control-expose-headers: client-geo-continent, client-geo-country
content-encoding: gzip
etag: "f8a2b40b0034536e5cba25fe16a2bd5a"
x-amz-version-id: iAMySufkVmUwi0KGtlMm1mGrPw7_0IJb
age: 101536
x-cache: HIT
date: Wed, 16 Oct 2024 21:34:01 GMT
x-amz-meta-surrogate-control: max-age=31536000
last-modified: Tue, 07 May 2024 15:20:09 GMT
content-type: application/json
x-served-by: cache-yul1970038-YUL
x-cache-hits: 0
x-amz-id-2: HeA/2Mqhx0sLybDwrnmixlq8PNAK6MhxZaEckdXEGE18nU8Yc9VaFVjt3ER++pUGD17WcbK6uvw=
vary: Accept-Encoding
cache-control: max-age=5
client-geo-continent: NA
x-timer: S1729114442.746506,VS0,VE1
client-geo-country: CA
via: 1.1 varnish
x-amz-request-id: 4SXXRAR3DNF3DHYQ
accept-ranges: bytes
access-control-allow-origin: *
x-amz-meta-surrogate-key: full-forms/shared full-forms/QArDbk custom-fonts/QArDbk
content-length: 2718
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
437 B 46ms
41ms XHR
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1949045086&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bfitamazing.com%2F&dp=%2F&ul=en-ca&de=UTF-8&dt=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAAAACgCIAB~&jid=129511496&gjid=1806422632&cid=583531992.1729114441&tid=UA-135046488-1&_gid=2034891129.1729114441&_slc=1&did=BwiEti%2CdNzQ1OW&z=1143807008

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4224ae540e67bc666a3f7bc9ac54963e2dbb319444dbc00c58778f484f7b5f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bfitamazing.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.bfitamazing.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
649 B 854ms
40ms XHR
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-135046488-1&cid=583531992.1729114441&jid=129511496&gjid=1806422632&_gid=2034891129.1729114441&_u=YGBAgEABBAAAAGgCIAD~&z=1993325365

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bfitamazing.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:01 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://www.bfitamazing.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 151450255772281 Show response
connect.facebook.net/signals/config/ 65 KB
13 KB 109ms
108ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/151450255772281?v=2.9.171&r=stable&domain=www.bfitamazing.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

32cd77fd7a2ef5b09be5beef1a6148e3e3d930c544e792ab14ed947ac2ad921d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=68, mss=1232, tbw=67536, tp=64, tpl=0, uplat=83, ullat=0
pragma: public
x-fb-debug: sWfP4PdYMwGWsMJh0wBRBZVcXYWtol6UWWQYDKovcGj7t4M7xiBhbufvQWbFHqM6y2Dmp50o7+18O3xsa72Bpg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 292ms
286ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: m9ZNv62mFzZG0dSpRCvg4kBkbckEk4b-wnfUK0uigVURbpkQpgzHUQ==
date: Wed, 16 Oct 2024 21:34:01 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
86 KB 857ms
71ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11090686862

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/app/web-pixel-812417297@a46b87f88a4ff97a9490f9aa4799ba7b/pixel.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

301113c8498676b8498c47191c89fe66b5f862c777c00d23224830da16928c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 21:34:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87199
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 120ms
98ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: -fVDnWOLmjOA_j1p-Agui09CVLNBMRyfG0R0LBYeFKWsux3kbMf-zg==
date: Wed, 16 Oct 2024 21:34:01 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
0 10ms
10ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/app/web-pixel-267059473@8b3843af2d71780cfb83fdde884ce168/pixel.modern.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

5bbd9766838bf11e3ff360ec5cbb60d6ada352fbad7f7691e24f847313b9b1d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:00 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4448, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: CV5aps4UlbyhGGwBa0X8qlnsVrVx1lPDSKN+RVPtbbWIYIWzzYeHdvJF8/v3meVEGljLeFLsu2dJ+yIvWbmHWQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 315ms
295ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: pja2DglU5QIiQwElpErYcfMvn8_zHaeOEhu3hi6AvbfxCsm1Sl-eaQ==
date: Wed, 16 Oct 2024 21:34:01 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

POST
H2 200 event Show response
api.config-security.com/ 2 B
239 B 853ms
77ms XHR
application/json 2600:1901:0:e57f::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.config-security.com/event
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e57f:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bfitamazing.com/

Response headers

etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
access-control-allow-credentials: true
via: 1.1 google
x-tw-trace-id: 9fa566f4334549c72ada25d2829479ba
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

POST
H3 200 produce_batch
www.bfitamazing.com/.well-known/shopify/monorail/unstable/ 0
792 B 68ms
66ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bfitamazing.com/

Response headers

x-robots-tag: noindex
access-control-max-age: 86400
x-request-id: 0704976d-055c-4610-81cd-aa44be6c4116
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwBgb3CU6Z2TQXU5R1aK5S0txJjkCHL5FVO4FmCnmu9WeshsqIJiNyK6RlH%2FZ7k4SUFE9PCT1rlXrEaWM14TPXOTK1PY0Yxs5ceM0kOREQgtWd5njnFxH1TbPthEkdDrWl6PpJM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfRequestDuration;dur=42.000055, cfExtPri
date: Wed, 16 Oct 2024 21:34:01 GMT
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-download-options: noopen
cf-ray: 8d3b2ba92e8842e4-EWR
access-control-allow-origin: https://www.bfitamazing.com
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
101 KB 163ms
109ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HSXT121041&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

872ac92354b1355aa78dfb07d23abd33d15ad8996c8044f38f47d537fc47248b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 21:34:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103007
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 294ms
292ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: Xb8Ms1MJc1i1usxbIpGKeGWqiUf3GhREvkbTfh2HDvoZ4KV_vmZcoA==
date: Wed, 16 Oct 2024 21:34:01 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 216643833365091 Show response
connect.facebook.net/signals/config/ 26 KB
3 KB 94ms
90ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/216643833365091?v=2.9.171&r=stable&domain=www.bfitamazing.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

12082b51f80f43f2faac9b6158d0494c621b509a9214ede618e191c462d91465

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=79, mss=1232, tbw=81264, tp=78, tpl=0, uplat=60, ullat=0
pragma: public
x-fb-debug: 6ViqwXKVWp5oHFR4GVJU0xbAf5irg0xtCgZJwdpL53YrqYnmXJ9u516+6hRjPmqyY2FRQ2MSpUHv3BrKW3UQXQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 83ms
24ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=151450255772281&ev=PageView&dl=https%3A%2F%2Fwww.bfitamazing.com%2F&rl=&if=false&ts=1729114441732&sw=1600&sh=1200&v=2.9.171&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1729114441722.2199252653615114&ler=empty&cdl=API_unavailable&it=1729114440939&coo=false&eid=sh-9740870c-1CED-4C0E-BC68-22EE7033794A&rqm=GET

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2948, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
878 B 340ms
281ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=151450255772281&ev=PageView&dl=https%3A%2F%2Fwww.bfitamazing.com%2F&rl=&if=false&ts=1729114441732&sw=1600&sh=1200&v=2.9.171&r=stable&a=shopify&ec=0&o=4126&fbp=fb.1.1729114441722.2199252653615114&ler=empty&cdl=API_unavailable&it=1729114440939&coo=false&eid=sh-9740870c-1CED-4C0E-BC68-22EE7033794A&rqm=FGET

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426489975295170154"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: oEEizfHwBA0BKR4SZbJttbrpJtCLe3RqxXXwf7YrSiBKURBwN12O4zuY4AElBWmbsVeRju1eC/US53u8iKA5rA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426489975295170154", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=14, mss=1297, tbw=6716, tp=-1, tpl=-1, uplat=257, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 247ms
243ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: Vtb1IoD3N5hzVC5AxdgNkHelc2PuaUPHJT0x6a6jKEB4mAW_8_8Dcg==
date: Wed, 16 Oct 2024 21:34:01 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 120ms
48ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Caveat:ital,wght@0,400&family=Montserrat:ital,wght@0,400&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d788eb70230807f3fd125f0560a60a91cebea68622ce588cec35c486b3e8d81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 21:34:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 21:21:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 235ms
231ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: BBtvSwQr4a60Sk43PX2gfQHc8mZFmz9QZwnLPU_bff_4yQpw69Wq9g==
date: Wed, 16 Oct 2024 21:34:01 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 cart.js Show response
www.bfitamazing.com/ 283 B
1 KB 93ms
92ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cart.js?r=2.50099195109

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

bfabda5afe2be68701414d334a01b2cf8154ad081f01a634fa8185e9be50cb2f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

credentials: same-origin
Referer: https://www.bfitamazing.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

server: cloudflare
x-request-id: ae21515a-3a0d-4f5a-9995-26357764fa29-1729114441
content-encoding: gzip
cf-cache-status: DYNAMIC
powered-by: Shopify
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6IoxdDeEV0ZhA6JlD1F4tiC4YDDyYtXJeJBfN%2Bl%2F3CTqciXAg2i1ysPMBxwrF3CZU0kQ6FmiKoE9IESJ9heljd7z%2B9wnt%2F0dy3zhc6LgQyeP%2FvmvqW%2FNFRkAeQB6xV15x%2Bmhqps%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: processing;dur=14;desc="gc:1", db;dur=2, db_async;dur=7.739, asn;desc="16276", edge;desc="EWR", country;desc="CA", servedBy;desc="vrfm", requestID;desc="ae21515a-3a0d-4f5a-9995-26357764fa29-1729114441", cfRequestDuration;dur=65.000057, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:01 GMT
x-cartjs-cache: 1
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding,Accept
x-frame-options: DENY
strict-transport-security: max-age=7889238
x-shopify-nginx-no-cookies: 0
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-storefront-renderer-rendered: 1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2bad7bab42e4-EWR
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
content-language: en-CA
x-shopid: 14188380214
x-cartjs-updatedat: 0
x-shardid: 272

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 32ms
26ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=216643833365091&ev=PageView&dl=https%3A%2F%2Fwww.bfitamazing.com%2F&rl=&if=false&ts=1729114441849&sw=1600&sh=1200&v=2.9.171&r=stable&a=shopify_web_pixel&ec=0&o=4126&fbp=fb.1.1729114441722.2199252653615114&ler=empty&cdl=API_unavailable&it=1729114440939&coo=false&dpo=&eid=sh-9740870c-1CED-4C0E-BC68-22EE7033794A&rqm=GET

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1297, tbw=3336, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 174ms
169ms Image
image/png 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=216643833365091&ev=PageView&dl=https%3A%2F%2Fwww.bfitamazing.com%2F&rl=&if=false&ts=1729114441849&sw=1600&sh=1200&v=2.9.171&r=stable&a=shopify_web_pixel&ec=0&o=4126&fbp=fb.1.1729114441722.2199252653615114&ler=empty&cdl=API_unavailable&it=1729114440939&coo=false&dpo=&eid=sh-9740870c-1CED-4C0E-BC68-22EE7033794A&rqm=FGET

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426489976799341574"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: gZkzeONVzSlkDgki+1ySHbnt6XYRMjHVMYHLq+DAdnhTOrElXqxAay9U4Mo7wN5y9yZdUwllewFZdcSpyi9Ezw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426489976799341574", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=14, mss=1297, tbw=3483, tp=-1, tpl=-1, uplat=143, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 75ms
69ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135046488-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11090686862

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1c5b6927130c22739a4c5630cbbec5c870b5f52d0389146778505bf66100cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 21:34:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79973
x-xss-protection: 0
server: Google Tag Manager

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101529666~101686685~101794736&rnd=1071139347.1729114442&url=https%3A%2F%2Fwww.bfitamazing.com%2F&dma=0&npa=0&gtm=45be4ae0za20...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101529666~101686685~101794736&rnd=1071139347.1729114442&url=https%3A%2F%2Fwww.bfitamazing.com%2F&dma=0&npa=0&gtm...

42 B
66 B

102ms
46ms

Ping
image/gif

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101529666~101686685~101794736&rnd=1071139347.1729114442&url=https%3A%2F%2Fwww.bfitamazing.com%2F&dma=0&npa=0&gtm=45be4ae0za200&auid=1208178091.1729114442&did=dNzYwYj&gdid=dNzYwYj&frm=0

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Server

142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101529666~101686685~101794736&rnd=1071139347.1729114442&url=https%3A%2F%2Fwww.bfitamazing.com%2F&dma=0&npa=0&gtm=45be4ae0za200&auid=1208178091.1729114442&did=dNzYwYj&gdid=dNzYwYj&frm=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 21:34:01 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11090686862/ 5 KB
3 KB 97ms
51ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11090686862/?random=1729114441906&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~101686685~101794736&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bfitamazing.com%2F&label=GhnfCJCDwIsYEI7nuagp&tiba=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&hn=www.googleadservices.com&frm=0&did=dNzYwYj&gdid=dNzYwYj&gtm_ee=1&rdp=0&npa=0&pscdl=noapi&auid=1208178091.1729114442&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dpage_view%3Bpage_path%3D%2F&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11090686862

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

2788c0531b662b060dfde5958ea94c841a39ae5f901947c5fca39dfb5bcb1c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2658
date: Wed, 16 Oct 2024 21:34:01 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11090686862
td.doubleclick.net/td/rul/ Frame 82A6 0
0 120ms
51ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11090686862?random=1729114441906&cv=11&fst=1729114441906&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~101686685~101794736&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bfitamazing.com%2F&label=GhnfCJCDwIsYEI7nuagp&tiba=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&hn=www.googleadservices.com&frm=0&did=dNzYwYj&gdid=dNzYwYj&gtm_ee=1&rdp=0&npa=0&pscdl=noapi&auid=1208178091.1729114442&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dpage_view%3Bpage_path%3D%2F&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11090686862

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bfitamazing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 21:34:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 241ms
238ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: CN7lk_pzHjIQdD4mHmvd39E-VmtZqBxL_zy9uDqPKe2isUbikfTk3w==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 67ms
28ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Caveat:ital,wght@0,400&family=Montserrat:ital,wght@0,400&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://fonts.googleapis.com/

Response headers

age: 42854
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 09:39:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 09:39:47 GMT
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14940
x-xss-protection: 0
server: sffe

POST
H2 204 collect
analytics.google.com/g/ 0
0 110ms
39ms Fetch
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HSXT121041&gtm=45je4ag0h2v9133677125za200&_p=1729114440723&_gaz=1&gcs=G111&gcd=13t3t3t3t6l1&npa=0&dma=0&tag_exp=101686685&gdid=dNzYwYj&ul=en-ca&sr=1600x1200&cid=583531992.1729114441&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.bfitamazing.com%2F&dp=%2F&dt=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&sid=1729114441&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&edid=BwiEti.dNzQ1OW&tfd=2213
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bfitamazing.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
269 B 42ms
39ms Ping
text/plain 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HSXT121041&cid=583531992.1729114441&gtm=45je4ag0h2v9133677125za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&frm=0&tag_exp=101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HSXT121041&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bfitamazing.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 105B 0
0 54ms
52ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-HSXT121041&gacid=583531992.1729114441&gtm=45je4ag0h2v9133677125za200&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685&z=474241737

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HSXT121041&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bfitamazing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 21:34:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 416ms
377ms Image
image/gif 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HSXT121041&cid=583531992.1729114441&gtm=45je4ag0h2v9133677125za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&frm=0&tag_exp=101686685&tag_exp=101686685&z=241018700

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 114ms
110ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: bBGNe3b8tvwLaJ4Zse5ATveZfy6bdYYZShwOMzPwRlgJsJkgHWB8Ew==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3

200

/
www.google.ca/pagead/1p-conversion/11090686862/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11090686862/?random=2077758605&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&t...
https://www.google.com/pagead/1p-conversion/11090686862/?random=2077758605&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~1016...
https://www.google.ca/pagead/1p-conversion/11090686862/?random=2077758605&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~10168...

42 B
64 B

58ms
58ms

Image
image/gif

142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/11090686862/?random=2077758605&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~101686685~101794736&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bfitamazing.com%2F&label=GhnfCJCDwIsYEI7nuagp&tiba=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&hn=www.googleadservices.com&frm=0&did=dNzYwYj&gdid=dNzYwYj&gtm_ee=1&rdp=0&npa=0&pscdl=noapi&auid=1208178091.1729114442&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIwffboO2TiQMVDGNHAR2Z8x7_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5iZml0YW1hemluZy5jb20vQlZDaEFJOE1pOXVBWVE5S185a2JyV21mb0NFaXdBdER3YTFULUo2eEhaM1hVUkRINjVwUktwOUF2SnNqUFhyMV8zTEFRQXVyRkJwaUhaRG95d0NPcTdfQQ&is_vtc=1&cid=CAQSKQDpaXnfZSCeTEA_YItxvI-oMs29KBjddCSfNbkcRwmF5PEew4j1JjZe&random=3635985953&ipr=y

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/11090686862/?random=2077758605&cv=11&fst=1729114441906&bg=ffffff&guid=ON&async=1&gtm=45be4ae0za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101529666~101686685~101794736&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bfitamazing.com%2F&label=GhnfCJCDwIsYEI7nuagp&tiba=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&hn=www.googleadservices.com&frm=0&did=dNzYwYj&gdid=dNzYwYj&gtm_ee=1&rdp=0&npa=0&pscdl=noapi&auid=1208178091.1729114442&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dpage_view%3Bpage_path%3D%2F&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIwffboO2TiQMVDGNHAR2Z8x7_MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5iZml0YW1hemluZy5jb20vQlZDaEFJOE1pOXVBWVE5S185a2JyV21mb0NFaXdBdER3YTFULUo2eEhaM1hVUkRINjVwUktwOUF2SnNqUFhyMV8zTEFRQXVyRkJwaUhaRG95d0NPcTdfQQ&is_vtc=1&cid=CAQSKQDpaXnfZSCeTEA_YItxvI-oMs29KBjddCSfNbkcRwmF5PEew4j1JjZe&random=3635985953&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 246 KB
88 KB 51ms
51ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=MC-2X1C9W64Y0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135046488-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

49f67b0e93def654d7510dc869e36d8a30d1a70a3e55990619d28f0e3cef2647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Wed, 16 Oct 2024 21:34:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90408
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 49ms
46ms XHR
text/plain 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1949045086&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bfitamazing.com%2F&ul=en-ca&de=UTF-8&dt=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABBAAAAGgCIAD~&jid=195362609&gjid=1079760213&cid=583531992.1729114441&tid=UA-135046488-1&_gid=2034891129.1729114441&_r=1&gtm=457e4ae0za200&did=BwiEti%2CdNzQ1OW&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685&jsscut=1&z=1703230547

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.238 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bfitamazing.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.bfitamazing.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 6ms
6ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135046488-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
age: 2243
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 22:56:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 20:56:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 299ms
295ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 9ZyYCkcPXVpv7FxrFKAj5skOtdgQVShBH4d1B3u-5D7FzodJ6ZaEDQ==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 301ms
293ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: apkXJ8kyUpYCV1ekrlbhgi9CMYUrqavVlmMzXRG7NI9E-iL9keJy0g==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 p
tr.snapchat.com/ Frame 0
0 71ms
33ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bfitamazing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://www.bfitamazing.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 16 Oct 2024 21:34:01 GMT
server: API Gateway
via: 1.1 google

POST
H2 204 collect
www.merchant-center-analytics.goog/mc/ 0
0 106ms
40ms Fetch
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.merchant-center-analytics.goog/mc/collect?v=2&tid=MC-2X1C9W64Y0&gtm=45ve4ae0v9120696361za200&_p=1729114440723&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101686685&gdid=dNzYwYj&cid=583531992.1729114441&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2F&dt=B%7CFit%20Amazing%20%E2%80%93%20Bfitamazing&dl=https%3A%2F%2Fwww.bfitamazing.com%2F&sid=1729114442&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2444
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:162:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:162:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bfitamazing.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 produce_batch
www.bfitamazing.com/.well-known/shopify/monorail/unstable/ 0
792 B 68ms
66ms Ping
text/plain 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/.well-known/shopify/monorail/unstable/produce_batch

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bfitamazing.com/

Response headers

x-robots-tag: noindex
access-control-max-age: 86400
x-request-id: 9f1f7b1c-2c02-4930-a8a5-700e09dbc3a4
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUndN4grShaKINiq%2FWXNi9orRuCmbrcwkflGHmAbIJt1ft1oT%2BWEVQs%2BDLj4pxclcutPLbsir24bnULt42BekZFR9VFcixf%2FLNoQa9CSQl%2BdcO4BtVci1o8bcV2yj58CTtyE3ks%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfRequestDuration;dur=42.000055, cfExtPri
date: Wed, 16 Oct 2024 21:34:02 GMT
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-download-options: noopen
cf-ray: 8d3b2bb128c342e4-EWR
access-control-allow-origin: https://www.bfitamazing.com
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 loader.js Show response
cdn.shopify.com/proxy/eda09c3289215e16603745d8dbd56ba32ad2234a3ab9645fcd9c63438ca74ba3/api.goaffpro.com/ 12 KB
4 KB 83ms
77ms Script
text/javascript 2620:127:f00f:ff01::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/proxy/eda09c3289215e16603745d8dbd56ba32ad2234a3ab9645fcd9c63438ca74ba3/api.goaffpro.com/loader.js?shop=amazighld.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12785cb6f51eedfe924046634d53e20c66c270da4ed4372015e5127d6df52c05

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: b12c7f07-309e-43c2-985f-1d2f7c3c6138-1729114235
content-encoding: br
cf-cache-status: HIT
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBWBNjrO2a%2FqSfqxO4UJkhIWd9R2LmYodj5JbfCSl0sLOlactrahJ0zDyKVxc%2FTonSMJZftrT2Cgzirs7CXWi8K1EZz6p8petXzbipHXpHhP7MUkP%2BQcvxb1xwmp1ixL2PM%2FMNC%2B2O%2Fhkamwmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=154.009, imageryFetch;dur=145.228, cfRequestDuration;dur=59.999943, ipv6
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/javascript; charset=utf-8
content-disposition: attachment
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 21:30:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/proxy/eda09c3289215e16603745d8dbd56ba32ad2234a3ab9645fcd9c63438ca74ba3/api.goaffpro.com/loader.js>; rel="canonical"
content-security-policy: default-src 'none'; sandbox;
cache-control: public, max-age=600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
cf-ray: 8d3b2bb1886ba2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3425
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 section-feed.js Show response
d3ithgl79uu5su.cloudfront.net/ 22 KB
4 KB 227ms
25ms Script
application/javascript 2600:9000:26fa:2200:1b:6fb2:b780:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3ithgl79uu5su.cloudfront.net/section-feed.js?shop=amazighld.myshopify.com
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:2200:1b:6fb2:b780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96b8d2906cb2af51cc386371734d9e1074b644ed4a5c375fce2f5cddf3b834eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"0f849cf289bca228bfcc6cd288a5b8e2"
x-amz-version-id: null
age: 50014
via: 1.1 619f2eec0ea05d2ce0279df117eb9a0c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: MRsAu_HGnPe9QznfFOTQXaxLoFxDKhuOvKQSpk681LgwN5KVV9vQ_w==
date: Wed, 16 Oct 2024 07:40:28 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 03:10:11 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
x-amz-server-side-encryption: AES256

GET
H3 200 store_reconvert_node.js Show response
reconvert-cdn.com/assets/js/ 17 KB
6 KB 235ms
38ms Script
application/javascript 172.67.192.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reconvert-cdn.com/assets/js/store_reconvert_node.js?v=2&scid=MjBmMWYzZjEzZDVjZmQ1MWQ2MmFlODUwM2NiYmRkYmYuM2IwZDI4MDY0YWZlODcyNTczZGIyZGFkYWRiYjUzNmQ=&shop=amazighld.myshopify.com
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45427201f10ab957d0c8abffb1b023662880f1fd803a60dfc024c2b1dc71d0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
x-amz-version-id: nXXPxUULnd7REnaJiR_kjdipmPd3GzJh
etag: W/"837d287ba3683d97b331ee4a06b98806"
age: 651
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3IVgui%2F%2B2YWSBEvfEJel3%2B8F4sIcXO6Nlm0NqxTOdIgjgqjrSQL%2FWpvLUn9tOpXWvXWcwGhsxTQFOwJI%2BHhLJjv6jJE3ymmKSlfZpe6hMGCXQOYjUKzSggwpyR68j0JVMQbZA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: EamO0wYg3yv5nPYZYdZJsUP-C9WsTfg9ynKgpBFvR2eE2sOBD39pYw==
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 06:08:00 GMT
vary: Accept-Encoding
server-timing: cfExtPri
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
cf-ray: 8d3b2bb2bd24abab-YYZ
x-amz-cf-pop: YUL62-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 shopify-scevent-init.js Show response
intg.snapchat.com/shopify/ 10 KB
4 KB 225ms
24ms Script
text/javascript 2600:9000:24f1:ea00:7:67fb:be80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=144567f3-ba35-478f-b238-e79152f02f62&shop=amazighld.myshopify.com
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:ea00:7:67fb:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3261fa7a88e5c34de2e2d09fa78e5521967233bd12f75d1bb1bc6ca08f2bd61b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-amz-cf-pop: JFK50-P4
content-encoding: gzip
etag: W/"e87ba297e72522a8775d5da9e4d9d74c"
age: 81965
via: 1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: o17DGEyUwG4w5XTR-PCDVfYP6IeioCY9g1U3Fk7mFi0P7D2AjNOOlw==
date: Tue, 15 Oct 2024 22:47:58 GMT
content-type: text/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 15 Oct 2024 22:47:51 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 sezzle-footer-logo-fix.js Show response
d34uoa9py2cgca.cloudfront.net/shopify-app/helper-scripts/ 463 B
792 B 211ms
25ms Script
application/javascript 18.164.131.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34uoa9py2cgca.cloudfront.net/shopify-app/helper-scripts/sezzle-footer-logo-fix.js?shop=amazighld.myshopify.com
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.131.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-131-94.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1e26c3e6af32b965902df34319e98f02ca064c0eca4048fa364357548a8b28e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

etag: "374fb5d08db800d032c4e963eb0a8687"
age: 32275
via: 1.1 fe705b44d5a5a2d7d6e73595ceeca2e2.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 463
x-amz-cf-id: 71KOgwv9vmP6UgqWnYa-669n5st6tR25yyZDoCBVNyuhNXYEWZ9EXQ==
date: Wed, 16 Oct 2024 12:36:08 GMT
content-type: application/javascript
last-modified: Sun, 25 Mar 2018 15:39:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7

GET
H2 200 SizingPlugin.prod.js Show response
app.kiwisizing.com/web/js/dist/kiwiSizing/plugin/ 106 KB
35 KB 222ms
28ms Script
application/javascript 2606:4700:20::681a:340
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.kiwisizing.com/web/js/dist/kiwiSizing/plugin/SizingPlugin.prod.js?v=311&shop=amazighld.myshopify.com
Requested by: Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:340 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4b40284832da9ac4590fcb6099da89396dafe7bc1fe63f7f68451a66b79e5b48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "43-1892223-1727794899000"
age: 73137
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LljjWDghkf1gJBRhCnDh%2B%2B5%2FlAVpGD62z7zQsY3qy9JBz0kF5OJht3aacbVKN0iVdevnttojzi1A2L816ggMdjtSFrvOSAU7Vew%2BDQoNPGkuENY8iYUbakLNxuUrmacurm44fAJLtvzeHEqVhGxkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 15:01:39 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range
cache-control: public, max-age=259200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bb2b96ba27f-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35647
x-powered-by: Express
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
960 B 108ms
105ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: Qvw28OALKE5gXdNyeZrX8T6izxY9E4VyMhOW3D4LxybzRxajTDqpRg==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 polyfills.IegWBDja.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
15 KB 71ms
45ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/polyfills.IegWBDja.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: e783f02c-bf3d-4f0a-8083-a7061b3702ab-1728061600
content-encoding: br
cf-cache-status: HIT
age: 1052842
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2%2BfbIOwYdCRKgUzVCD3hAWFIAWMIIl%2FsLMzZnqUSqFhdBnXEIYDtTOw4VG3zLvPb5b39BEBhjBpHKmaVOc%2FNLAJRai%2F5QQY%2B6vR00gNIvJRdkTGbbORcN65GD9Hjr4KNw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=28.185, imageryFetch;dur=27.930, cfRequestDuration;dur=16.000032, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/javascript
last-modified: Fri, 04 Oct 2024 17:06:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/polyfills.IegWBDja.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bb2ba8336d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14457
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 313ms
310ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: B4ykvEyBEjKo7vJq3VBIwd_xcaVF1BVdoqVH_8RMxtJbLv3D6A4zxw==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 cart Show response
www.bfitamazing.com/ 983 B
3 KB 140ms
138ms Fetch
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cart?section_id=mini-cart&timestamp=1729114442472

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

845035c98d06ef965ab8247d3125482e55e60f0cb0f1df417e0dcb515e01f108

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 4f84662c-e0d1-4157-86dc-0b32f70b5b68-1729114442
content-encoding: br
cf-cache-status: DYNAMIC
etag: "cacheable:2c80ccc90f3676de835e988391233117"
powered-by: Shopify
x-dc: gcp-us-east1,gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7V18qW4wrkOfxUVBnrllkFIgReCBjz7wAKe5D7ZD4OnVBszIQwEkhslwWKdYDOkw3Au3mKt0xo6YGttGfd9l7WJrrM%2F3UdkgkglP0JM8dpNl5aEcAGzO2TRucQqI%2FXT0t1XeGY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: processing;dur=62;desc="gc:32", db;dur=8, db_async;dur=9.19, render;dur=1, asn;desc="16276", edge;desc="EWR", country;desc="CA", theme;desc="124299214902", pageType;desc="cart", servedBy;desc="5dph", requestID;desc="4f84662c-e0d1-4157-86dc-0b32f70b5b68-1729114442", cfRequestDuration;dur=111.999989, cfExtPri, earlyhints
x-cache: miss
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/html; charset=utf-8
vary: Accept
x-frame-options: DENY
strict-transport-security: max-age=7889238
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-shopify-nginx-no-cookies: 0
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-storefront-renderer-rendered: 1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2bb1891542e4-EWR
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
content-language: en-CA
x-shopid: 14188380214
server: cloudflare
x-shardid: 272

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 107ms
106ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: kaoeLbuUrqLppMw97vyPfQOgJcSTgapBASgdr4locOF_M8pmaH48zw==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 Reviews-2_96x.png
www.bfitamazing.com/cdn/shop/files/ 4 KB
5 KB 49ms
49ms Other
image/avif 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bfitamazing.com/cdn/shop/files/Reviews-2_96x.png?v=1614318319

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

63d11ec2d6d2cd59ad74c57271af03ed7628844e72c76a1210775f6b524cec54

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: f49eb243-72af-4fc7-a949-b285a22c4802-1715631783
access-control-expose-headers: *
cf-cache-status: HIT
age: 13467339
x-dc: gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwnM8dM4MrVEzRrqM2PhFOrhpNTuq4fvNv9VcnUF4iom0uUe68EHQpe2ZXdC1ZyKUBNQdjwRgTGn%2FvzumRIc6THxYYThYeyIHOVRYdBOB753huh8Jne%2BaSV33ZhbC5LlKs3G1vs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=450.078, imageryFetch;dur=89.411, imageryProcess;dur=359.405;desc="image", cfRequestDuration;dur=17.999887, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:02 GMT
source-type: image/png
content-type: image/avif
vary: Accept, Accept-Encoding
last-modified: Mon, 13 May 2024 20:23:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 1224583
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2bb2aa4642e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3812
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
0 4ms
4ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: intg.snapchat.com
URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=144567f3-ba35-478f-b238-e79152f02f62&shop=amazighld.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ffaf3b7f34955e1c40b72cab3f9c84a08869774c525b76cbca16dc4b08593b08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 2080aae7ace369c71819923852e1b17e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23694
x-amz-cf-id: XeyiMObPqq24oQGj5KD2jr0KiuwdSyIL4DnIf9Z7_OU8LI6zij70nQ==
date: Wed, 16 Oct 2024 21:34:01 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: YUL62-P2
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
8 KB 77ms
35ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: intg.snapchat.com
URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=144567f3-ba35-478f-b238-e79152f02f62&shop=amazighld.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

access-control-expose-headers: Content-Type
content-encoding: gzip
etag: W/"68f2467c84878293c9ee497dbc99a17f"
age: 31950
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 8NkTIXjjw2SPJJLWOFE-fAGOvdSyn272Jlrtz9pbhxDyr_EHa-jRyA==
date: Wed, 16 Oct 2024 12:41:33 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
vary: Accept-Encoding,Origin
cache-control: public, s-maxage=86400, max-age=600
via: 1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: YUL62-P1
server: AmazonS3

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 229ms
223ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 0dGrROc9c1XqwBRDC7_m4FGMXLomfiFn__5V9Kabw3AbtyK-yCfNFg==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H2 200 scriptVersion.json Show response
app.kiwisizing.com/kiwiSizing/api/static/ 15 B
766 B 107ms
66ms XHR
application/json 2606:4700:20::681a:340
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.kiwisizing.com/kiwiSizing/api/static/scriptVersion.json

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:340 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fddec91d28f6d528291f1e6b47599a4a9e0ea81c96990baae19708b69dc9388

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

access-control-expose-headers: kiwi-sizing-token
cf-cache-status: DYNAMIC
etag: W/"f-XQu4KrlpTHCV6y9IiZwTtbVryy4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2F7%2FsxiJeZXEIWGSDyxwcq1%2F71t7wMt5QUY6F74mJagqPWeHpsDcB5GD6J%2BJ%2Fd95i3kB5eDWDXND3iuqsdvsaDmbMIRf950zKFh%2F7tIso%2FGJLNxqSh1rIQXrCV2UDFH0IPAe3sCXol%2BdCudq9EhAoA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: GET,PUT,POST,DELETE
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, values, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
access-control-allow-credentials: true
x-download-options: noopen
cf-ray: 8d3b2bb39b20a2b2-YUL
access-control-allow-origin: *
content-length: 15
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 rct_cart_front.css
reconvert-cdn.com/v1/assets/css/ 1 KB
1 KB 35ms
34ms Stylesheet
text/css 172.67.192.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://reconvert-cdn.com/v1/assets/css/rct_cart_front.css
Requested by: Host: reconvert-cdn.com
URL: https://reconvert-cdn.com/assets/js/store_reconvert_node.js?v=2&scid=MjBmMWYzZjEzZDVjZmQ1MWQ2MmFlODUwM2NiYmRkYmYuM2IwZDI4MDY0YWZlODcyNTczZGIyZGFkYWRiYjUzNmQ=&shop=amazighld.myshopify.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7e1a662efe9f5d98df0c8f00c64fe3927308691a8fd90135f29fa9c08ff87b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
x-amz-version-id: rT_jhESaO5LJ7ojPfwYxrj8ZTSWNDU1K
etag: W/"9d5ea52dbe289ac363657376150d0ae5"
age: 7021
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9iLPfFxOX1weH97M5CKssOLXI38FdOn0b7t7cH9z7pTMjpaNZY5oi2u2V5S6LEJbOay%2FDhQj%2F3KYONeU4L9R7CcYUiHsGjjFS%2B7ofr3w1czRBwr5KB3dSean0%2BT8Sv%2FNUZzyw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Tl8cKobLB1KP4q1O-EppqUOw8d2rLw93wrEEBDwHBW-79v8L-fT4UA==
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/css
last-modified: Tue, 30 Jul 2024 06:08:02 GMT
vary: Accept-Encoding
server-timing: cfExtPri
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 8e923e72a50f75048382f193bf6c8c4e.cloudfront.net (CloudFront)
cf-ray: 8d3b2bb35db5abab-YYZ
x-amz-cf-pop: JFK50-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-3.4.0.min.js Show response
code.jquery.com/ 86 KB
30 KB 62ms
19ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.0.min.js
Requested by: Host: reconvert-cdn.com
URL: https://reconvert-cdn.com/assets/js/store_reconvert_node.js?v=2&scid=MjBmMWYzZjEzZDVjZmQ1MWQ2MmFlODUwM2NiYmRkYmYuM2IwZDI4MDY0YWZlODcyNTczZGIyZGFkYWRiYjUzNmQ=&shop=amazighld.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15857"
age: 2385491
x-cache: HIT, HIT
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 11425, 3303
x-served-by: cache-lga21984-LGA, cache-yul1970077-YUL
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1729114443.812397,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30632
server: nginx

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 236ms
235ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: LnQshZpnA26Z-xI41hBW_QBdwK-xfScG9tMg2vFXIu0eFQn-DO-Kww==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 app.D-5-b_fc.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
368 KB 40ms
38ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/app.D-5-b_fc.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 5777629f-eae7-4512-a290-a042c56a40fd-1729105078
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqD8Ttq7Je4NrJVhn0KBAi7uPR0iqR6YCx9uFdxsOqF7Mggu2G0ztSDtL4fYsd8WxsCXSVkDm32SJWJZKgMg4wWvcvb2prmTSTWREz6O6uwSKvsiLXnNOAsqr33kjILLeA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=192.169, imageryFetch;dur=19.336, cfRequestDuration;dur=13.000011, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:57:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/app.D-5-b_fc.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bb36b7e36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 375581
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 288ms
287ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: EbBBA3RhxS0TN366XNN_IYCWNiNZuyKNRW8k1gDAcYqPgd3k1A9bRg==
date: Wed, 16 Oct 2024 21:34:03 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H2 200 144567f3-ba35-478f-b238-e79152f02f62.json Show response
tr.snapchat.com/config/com/ 100 B
195 B 110ms
109ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/144567f3-ba35-478f-b238-e79152f02f62.json?v=3.33.0-2409301510

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 46
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google, 1.1 google
access-control-allow-origin: https://www.bfitamazing.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 3EE8 0
0 100ms
68ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=144567f3-ba35-478f-b238-e79152f02f62&u_scsid=5cbe895f-c475-45cd-ba02-c54c6ff94ebc&u_sclid=5d9edfc4-a4f3-41ed-8188-e6fccffe96c1

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bfitamazing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Wed, 16 Oct 2024 21:34:02 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 1

POST
H2 200 shopify
tr.snapchat.com/scs/ 0
0 65ms
63ms Fetch
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/scs/shopify

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
access-control-allow-origin: https://www.bfitamazing.com
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 16 Oct 2024 21:34:02 GMT
content-type: text/html
server: API Gateway

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 252ms
251ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: cYaMc85Gcrn7z8npy2MpPe8t1XQO2XmvjJLz0mcomvSgGYdyNLSO-g==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 104ms
103ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: mBe1elX-rZ4OZE8F22sNweLT2bmkAV2bBkZ3EajpuljfphnPl1YdHA==
date: Wed, 16 Oct 2024 21:34:02 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 OnePage.Bm9ouWWQ.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
36 KB 39ms
39ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/OnePage.Bm9ouWWQ.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 21f3e683-0c53-466a-93c5-81711171c301-1729105079
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCHRo3IgCUP8EIg1JvqJSr16U0cQ2fcqJUoiLyW7JANHzrnuB8vbQHmaUf4Hj8H61w%2FH895ozjnag%2B2u60%2F2Xd5n5DxpaDPPl4oiQSbOjLETxv%2FWsr23OXnV%2FP2uyVRLYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=25.218, imageryFetch;dur=24.960, cfRequestDuration;dur=12.999773, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:57:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/OnePage.Bm9ouWWQ.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bb7784a36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35972
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 112ms
111ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: GmI75YMikx_cMsH4ac7xp1hAvyoiCtLOAphkga3Yy7YxKxw--TrZSQ==
date: Wed, 16 Oct 2024 21:34:03 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 DeliveryMethodSelectorSection.Cja_h1EM.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
21 KB 47ms
46ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/DeliveryMethodSelectorSection.Cja_h1EM.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 739226dc-3e9a-4cfc-bce2-3acf2de46644-1729105079
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztQu6SGp7T5Mdckfd1N4YlOFtaoM4dgOEFHHWVFsgyBNavcljK7jrrgWBRQ2KdhlC96NcBsfwbJwrF3rQzODOCeT%2BophH35aVdtY%2FX0dormXJrEZvD6fZ%2F5fONy4csL8HA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=19.433, imageryFetch;dur=19.147, cfRequestDuration;dur=12.000084, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:57:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/DeliveryMethodSelectorSection.Cja_h1EM.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bb7e8b536d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20826
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 110ms
107ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: Aa6ghwNb8m-7urSesLvPU4pi-1BkJ4iwR1VPlMjWZhpxkheV1T34Sw==
date: Wed, 16 Oct 2024 21:34:03 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 useUnauthenticatedErrorModal.C02DGeaA.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 39ms
38ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/useUnauthenticatedErrorModal.C02DGeaA.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 3a32ea17-e802-4233-87ce-03655473d9a4-1729105079
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KsiIfNqipU6NdEb%2FDZUEZCCdOh5vzdlSZQ5Miqr6Uc2P%2BxKnDJTW5KV3NoYTlCQubO3nV87Zts2cvK0%2FFRU%2FIkYm7KXiuZmyqqJvISBrMvDy4iFhzyHimMOp9TPY%2Fn88CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=146.779, imageryFetch;dur=23.607, cfRequestDuration;dur=13.000011, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:57:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/useUnauthenticatedErrorModal.C02DGeaA.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bb93a1e36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 806
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 314ms
312ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: XIiKix9C2O4eXxXp92H7DW1A5S_XaspR9Klv1B-pvO8Lj8nlvFcwXA==
date: Wed, 16 Oct 2024 21:34:03 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 232ms
231ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: Ba9j3mWcgHXsQgZ1TJUcuO0nQOit1KuIM0lZAqndvEKXymRw4E9bRg==
date: Wed, 16 Oct 2024 21:34:03 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 LegacyVaultedShippingMethods.D31Mv223.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
1 KB 38ms
37ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/LegacyVaultedShippingMethods.D31Mv223.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 267442ac-3d79-48ed-a9c8-eaf9cbe9bba1-1729105079
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9w3hAst3j4uYcBcqvX%2FAmJC9%2FuUtVjKNuWcVZNYc1VN7OmH%2BCz%2BxVXLn3zYRTMJE%2BnMdqif38VNGiW6UxLNYy803meNwcXd0pg%2BnVeGj5y5TkgwxTtoBOSToLYiE8Y0Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=248.330, imageryFetch;dur=24.303, cfRequestDuration;dur=11.000156, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:57:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/LegacyVaultedShippingMethods.D31Mv223.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bb98a7636d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 545
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 118ms
116ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: ZKNge95iyFt8kmECNFDhLNZ3vGbszDCuaWS_snbD_1_rJrsNuby01g==
date: Wed, 16 Oct 2024 21:34:03 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 Rollup.BnNdgHzz.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 39ms
39ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/Rollup.BnNdgHzz.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 09e6e5ba-66c2-40ef-86ea-2b50e0014a31-1729105079
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DyPH5wHJNQIGC6B8snwcFTPPqI3mc4HjXaCTSYHKlmKDXLCMLXT5XZcmTJaTTBRYJjicUk7BeEdQ9D%2FCUzl2r8ytMPa1dZG5bhDQrfjPrIXwzxmIDDF5nq9wCkH3zF%2FpBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=24.483, imageryFetch;dur=24.229, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:03 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:57:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/Rollup.BnNdgHzz.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bb9cab136d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1694
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 299ms
298ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: g91SyuvFR5klfi4KRpBc3KiB_2CsrN5Ta6KVek5vb9vlRp510hCqTw==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 SubscriptionPriceBreakdown.DJHIl4uT.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
3 KB 49ms
48ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/SubscriptionPriceBreakdown.DJHIl4uT.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: fb6b983b-2732-40a7-8d00-cb3c7e27657b-1729105080
content-encoding: br
cf-cache-status: HIT
age: 5155
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awJfDeCnqHxjB2iiMHaWvFMHg62eFRs9TaTcvmOb0IRdA8DMvgMqGlbeUvU1r19iUZ4XSYufSZfrXyxxwhi9oePa%2BXHze%2FFaP0skh9Tvltv8CCWzaF6PN2VQ%2FfYgEysLVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=19.202, imageryFetch;dur=18.924, cfRequestDuration;dur=16.999960, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/SubscriptionPriceBreakdown.DJHIl4uT.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbb6c7636d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2533
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 232ms
231ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: PBAJLcsGWsar2z_cl0Q_J66h-onmTIW-r7d67unL7UKOhXJsCGes6g==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 MarketsProDisclaimer.BnThs9hl.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 48ms
46ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/MarketsProDisclaimer.BnThs9hl.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: f71e3075-c59f-436f-8064-ddb408c8c04b-1729105080
content-encoding: br
cf-cache-status: HIT
age: 5155
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uovTHRUlBPHZwzfGn7lWHoxiAKZUVNsZQIvpvTDyktu%2BIynCqXp8YGIeU7n1aOWUdTjJz3cbrZuELmFeMMDrJ7ySrqp5rhPmmS1MoXH5hXixrpofplhdVuu5LQ8AkSbFAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=21.435, imageryFetch;dur=20.158, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/MarketsProDisclaimer.BnThs9hl.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbbdcf136d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1124
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 297ms
290ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: lylqGhqSHsLnPgqB-hoHZVq3kIGCqEl4G4NA-UUi6Qop5skzyvndtA==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 ShopPayLogo.B4JsEFqf.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 41ms
40ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ShopPayLogo.B4JsEFqf.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 5e34a9f2-afa5-488d-905a-41053a29222e-1729105080
content-encoding: br
cf-cache-status: HIT
age: 5155
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOZnCbPOGDj5ZfURNrXsVnVvY2Vz%2BmAoWn99ZVrcg0%2Fv8nBOfsCPO4ZD0qqg9RWReUjnp7n9RMGncU%2Fmmokf1eAxzSrEr9bwO%2FelmTo3VVILesh9We%2FBBVG9pYBlZKyvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=24.847, imageryFetch;dur=24.657, cfRequestDuration;dur=16.000032, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ShopPayLogo.B4JsEFqf.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbc1d3b36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1541
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 317ms
315ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: WWNIjsIup1LZu40k40uiC2foB9deNBcwYKLdpVWjRVfZd5e7RAZ7Eg==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 index.ObVfO4Pw.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
3 KB 41ms
41ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/index.ObVfO4Pw.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: c3682f47-c36e-4fac-bf75-44ab7aa2af8d-1729105080
content-encoding: br
cf-cache-status: HIT
age: 5155
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWOofyQGqwdZ2Dzmcv13ZthPIt68uxWVIvV%2B%2BjJyTHXe%2Fo4ovlk9UwpEWZ6Dfqydho%2F0LmxxNtokn337vsGxT1u7SSYA5D0cn%2Br3QFK%2B9TjsBffyG11Cpt%2FFOnADr2NwzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=206.638, imageryFetch;dur=23.780, cfRequestDuration;dur=13.000011, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/index.ObVfO4Pw.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbc8db436d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2010
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
960 B 104ms
102ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 0PGb5kjdc6bZvJy9OIzWTJTSvFddwnshZVlpODrCS9OCPKvERB9BcQ==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 PickupPointCarrierLogo.C4gdu5Yl.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 41ms
40ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/PickupPointCarrierLogo.C4gdu5Yl.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 991453a5-cf85-4aa5-b8a5-98badec888d9-1729105081
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mioZkY6lWjIEHLG97WVSGg2o6Dmyn9M6MzVWI7GGadE4oyz5aKaoERuQ2HuQofIJrH6w%2FHJixsAKvzMCNmrQaW5sh2XzWTSSZ4IXX6%2B9IcieHtMgcw219O8UAaVMcK0EXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=18.570, imageryFetch;dur=18.409, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/PickupPointCarrierLogo.C4gdu5Yl.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbcddfb36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1776
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 310ms
308ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: u7ukRaqzr-hTwWmb4MdZQ7mtVuHCNMbtmt4nNhDGLrs4OfOC74RrvQ==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 hooks.CQrRZcEg.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
4 KB 40ms
40ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/hooks.CQrRZcEg.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: b770722f-aefe-44af-a2be-301945d29b93-1729105081
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJioKLPmjG70Dt04up2ReN13I3k9yxOLMt70lHCib1kwk%2FwSkB8HJL9M6miAEwezhYLPYn%2F7h2An1LkeBnrwkaSXX7t9KOBYn9TP2w9%2FolBRrBVWyptFC9KAHt3U7X014Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=18.679, imageryFetch;dur=18.375, cfRequestDuration;dur=16.000032, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/hooks.CQrRZcEg.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbd1e4936d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3171
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
956 B 237ms
236ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 4oRmlwr8x4W3SNm0IPnVe3x8NSc0t7hCFuitaROne6-dmp_dPLxisQ==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 VaultedPayment.tQahwz6n.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
40 KB 40ms
39ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/VaultedPayment.tQahwz6n.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 028605f3-4b82-47a1-a731-2a102340cdf5-1729105081
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qQXFxqKeTUpwxViyMpT6UfhANNEnU87oshe6JaqHnmiqEB7gUl%2FFWRXu0r3IBpKNcSCI21QKpoyrEEN1vCTYYnwMET5sTPXhgZPW0RVpNs28OoSCcRWRAb0wvHD7kS8T4g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=23.292, imageryFetch;dur=23.039, cfRequestDuration;dur=14.999866, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/VaultedPayment.tQahwz6n.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbd6ea236d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39710
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 305ms
303ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 4q_f8G8iItsQW4MRhrlX_CSOHClncaU6JS-l-noU1B1wfiEQrSYp-w==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 OnePageModal.DcBqng-y.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
1 KB 39ms
39ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/OnePageModal.DcBqng-y.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 74642cf0-1956-4a8b-bfcd-7b2927ec73ee-1729105081
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iw0bWyWaCXzVyaS6sTXq%2BuORWunWhbh8Ldj%2FfdFqAVaHgIGZrDCBSGpwzHsU%2F2iX%2F0jJYB0IE7g789%2B2KVAAceFaT4x6TvFceeGXDbY%2BdlyXq31NcPl0tEpa1HpW3IxNDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=23.653, imageryFetch;dur=23.430, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/OnePageModal.DcBqng-y.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbdcf1436d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 715
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 301ms
299ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: orEZiFYOZeYtPt92OXMLtqamOg19j9pF40ZZzWUHnREH-BeTL09ZhA==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 useShowShopPayOptin.HWTtOKeb.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 46ms
46ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/useShowShopPayOptin.HWTtOKeb.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 5839bbe1-d9ea-4c60-87fb-1a6447f74fba-1729105081
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7FstiLggfg5oZq9ZXdjbiUomJoLJp6h9ZoH2VWZYXBW3ECi%2FZy9eNgdOWeSLpvFDHve4qCRZ5l%2B3QXwEtPQlm2M%2Bti7vpcM%2FjaKIsX4SuCIeZx%2BHmAUKDf9hwpGJsA53A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=18.901, imageryFetch;dur=18.689, cfRequestDuration;dur=13.000011, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/useShowShopPayOptin.HWTtOKeb.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbe2f7436d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1125
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 292ms
290ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: uVsrf-qX9L_XO3F1_h3wGotKa_eyDHipbCQB464cgTMf9BkTfPYXMA==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 Section.BKF6L94a.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 39ms
39ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/Section.BKF6L94a.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: b4a6ec4d-edae-4c08-b31b-47ed516e9df8-1729105081
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FR6TzMpr0pYRSwICpKkWalEq6MlMBL%2Bc3jnaQ%2BzrcfEWgu4yP%2FZslP39vuwXnHvhJtuqjOaKVneQTWw0ouLx1ry5L9ffcmTG%2FmPzgSBjkUY9eZT4qB1NaMaIYfT%2FOt%2FqNw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=30.450, imageryFetch;dur=30.207, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/Section.BKF6L94a.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbe7fe436d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1358
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 104ms
102ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: NbSHfE9viF1QUV-ctQS-1zH235U2_-jO10MMK_vJqTlo0QswdilDZw==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 useGooglePaySdk.BxvAB05f.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
6 KB 43ms
43ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/useGooglePaySdk.BxvAB05f.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 9f18f9b0-d0e2-4d0d-9604-32aff874b380-1729105081
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExUfkExfSIieRgQ0%2B3Qj75Vx1xgbA00KxtXRnlp9FmdJ13gLDXWkJTjjKypiOYOAcVzHtL3%2B3%2BMFyBTWxnjopZ3BEECu1Vb5gCFh3cKlosDtGXZ2X7aPzlCffhPf5hfKWw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=20.978, imageryFetch;dur=20.751, cfRequestDuration;dur=18.000126, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/useGooglePaySdk.BxvAB05f.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbed87836d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5713
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 115ms
113ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: L6mOSxQPtc7l4RfQ5M4LDiVDGYVqF0MUXYGAINnH1pt6bTT5zXep3g==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 ShopPayLoginLoader.CeZrNdfE.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
3 KB 51ms
50ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ShopPayLoginLoader.CeZrNdfE.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 887e0d9c-6688-446a-a6c2-4aca2de3858f-1729105081
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inUipgpKzA%2Bc5DHw4K6h1PxFoWXWicN0xU%2FCzd7vJJLm5sGsmJZCbfMX4OaolKT1a2YPN0yBUxdsfVQMB4Gx7RgmEqfmNWV2pLKai0lnL34JiBvVflXOG5RtXvWGZoU6xg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=113.980, imageryFetch;dur=24.520, cfRequestDuration;dur=26.000023, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ShopPayLoginLoader.CeZrNdfE.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbf190f36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2127
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
956 B 306ms
304ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: HbhbHcGrXC9W2_j7J26ebNapQicNs_2W4pcNUko8HrIwcftXr-xacA==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 publishMessage.BWfhS1_S.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 38ms
37ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/publishMessage.BWfhS1_S.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: bd360b7c-c4ff-48fb-88f2-d66c42f6c97c-1729105082
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0gyJalZ6AOMP31g7HDASu4HNVCBbUNubK6aY%2B98P%2FvdaLs%2BWwBMzcCQXJzU0PGq%2F93XGfl%2FMYTkOYxDnnhvC4IP%2BpKi%2FHipmu7FgLcvmHyy9rDXcRcGbKdNGOTs6vKVTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=20.434, imageryFetch;dur=20.201, cfRequestDuration;dur=11.999846, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/publishMessage.BWfhS1_S.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbf89bd36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1498
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 118ms
109ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: T2vfIOp0Sp7GKolyK4zukiOkQG14abeJZ_sTOZietaR0mODdmcM1AQ==
date: Wed, 16 Oct 2024 21:34:04 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 PayButtonSection.CoD-K_Af.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
5 KB 43ms
42ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/PayButtonSection.CoD-K_Af.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 805198cb-1a76-4c4c-8db7-a114aa1fb81f-1729105082
content-encoding: br
cf-cache-status: HIT
age: 5153
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfMsLZ4rJ%2BvENE7Xkf%2BVCE9YJRyfTYH6ukrNQlYsQdkp%2F%2FCeh08rutfVl6zykrJclhjsohbXfx1pYF1jvokWF0aPGkHHo2AgbkC2kim3IqTQzpZ8%2BfbL3BkeEGy1EHcW4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=23.111, imageryFetch;dur=22.782, cfRequestDuration;dur=16.999960, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/PayButtonSection.CoD-K_Af.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bbfca4d36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3997
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 314ms
312ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 2-K4W6wV8b5l_sZAE1ZuX6d_j7O5pLDx6cjPYuxi1Wq37JFII3b43w==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 RageClickCapture.vrn_5x3P.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
1 KB 76ms
75ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/RageClickCapture.vrn_5x3P.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 50739a2e-b667-46e7-8b89-15a4b91cc21f-1729105082
content-encoding: br
cf-cache-status: HIT
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2F%2BgFi5pMUdwNFgN2ExxPwc1mPrmqt5oxYSo2xdopGIbUQzW03aePNgQtPnOSeZUYYTQDnhOlCTdj5HCPQCefQ06Z4WQU9DnKBev5MLCeLmstJ0kwZlE5kyvlsB9eZqU8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=21.606, imageryFetch;dur=21.395, cfRequestDuration;dur=50.999880, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/RageClickCapture.vrn_5x3P.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc00ac136d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 746
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 301ms
299ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: djAYEEPgNUEnONOtB3SZ07Qa2tH1eXP6HvqCrvKLuaiyx5HUF7ezdg==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 context.CpalKlMl.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
3 KB 44ms
43ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/context.CpalKlMl.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 6bae1978-d6bf-4d1f-b4a9-db712733787a-1729105082
content-encoding: br
cf-cache-status: HIT
age: 5153
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6ue8SyaJ6SaE%2FyO3f%2Bvl5p6tDt7M5GhOMl5WxKMjuAOryAimMUOlYeeWjsfS6sau5LPP%2B7p3IGyBaBGR%2FAB6WGigeibHD47cfGgkwGMzpULDZcvuwChjQK36fnQL8ExtA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=74.966, imageryFetch;dur=24.737, cfRequestDuration;dur=14.999866, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/context.CpalKlMl.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc09b7836d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2667
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 303ms
301ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 4KJIBsXCcmhbAfZ7kcnti3huBPzTzvvTlpNQqz5E3c_fj2dSgxYDsw==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 DutyOptions.CEf0d1ES.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
5 KB 40ms
40ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/DutyOptions.CEf0d1ES.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 923e022b-d8b0-42a3-a252-e602ab624f1b-1729105082
content-encoding: br
cf-cache-status: HIT
age: 5153
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A72KDNT3CmQbJElO0XL9MZ%2BqnP8vvuRpaOFpMN%2F3OdyhgWSkbuY9eYra0DKuhpzapz1%2BFy4WOKqaPEkLaaIJlp5ATXlqFgOnJMMuHV9lob01mcb4Qxpw7IvmhSqUTybf5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=29.879, imageryFetch;dur=19.768, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/DutyOptions.CEf0d1ES.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc0dbcc36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4172
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 298ms
297ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: jnlfb9IHR-st-yaltRc2GLar-JabIwmxjTZq0Cje6Jx05XtblCK5mA==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 useAmazonContact.C6oqlw2E.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
4 KB 41ms
41ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/useAmazonContact.C6oqlw2E.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 29e1ef7d-2e5e-466b-8ffb-c45c8e27e78f-1729105082
content-encoding: br
cf-cache-status: HIT
age: 5153
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4429z1M1sqRvvXU6l6YwWYiDZDUZ8BMQ78PYiR8YZGu5hownnWLBGBl9ULSeiUhmP1DPCSUBOEQAco8SZz%2FOA6fVItwLFNURhY998rApF4%2FVqVSQHPpsdFKmTsxsP6hVHA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=18.508, imageryFetch;dur=18.154, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:04 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/useAmazonContact.C6oqlw2E.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc11c2736d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2924
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 319ms
317ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: T8IOHRhoehyAokK1am9E7wGQry2zgkK3v66oRWy8_7UepBmhAEmMPw==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 StockProblemsLineItemList.vA6kqCB4.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
2 KB 45ms
44ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/StockProblemsLineItemList.vA6kqCB4.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 3b861702-2cb3-459c-be1d-4aa6dff3a26c-1729105082
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D0XDVZumlIOe38c4MkPOvCuDoMBrs0WDVFIOeQYKAplwN%2FEMgloNy0QsZmXmPuEqisW2ynC82BN0sJC%2BD5tR2qsWrRbjvahgCWA4g52Mew8tS6RMSN7TMtSeibEi%2FWmTuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=22.328, imageryFetch;dur=22.163, cfRequestDuration;dur=14.000177, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/StockProblemsLineItemList.vA6kqCB4.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc16c7e36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1057
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 118ms
116ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: PM8Ux035AhHuipnQ4Hd5o4JQNUFO1cRBKO8yyV1LlH7cQtCqS8ufYQ==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 component-ShopPayVerificationSwitch.Dx0BfsHV.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
8 KB 54ms
53ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/component-ShopPayVerificationSwitch.Dx0BfsHV.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 417d5b76-e452-4c31-b30d-452afbb32a0b-1729105082
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQWFRHTCfiwOpOfcQkWqRt6%2BLCWGdYAi7FQrBsi2LzuYYuup5f2dfWmQ9Ql1ypT04l%2BAY9ZkfK2KoKLlUSj1BAkY8WTx30EcuGZQX5zgOuSqBN09H18Y9JGfhtpGrSYnlw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=426.413, imageryFetch;dur=14.495, cfRequestDuration;dur=15.000105, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/component-ShopPayVerificationSwitch.Dx0BfsHV.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc1acc436d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7775
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 110ms
108ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 6N4oUiwDCoUyKpvxp0KaukKj-IbQTOMYdO2ZDgwjCFa7enmMddeyZA==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 index.D2tyUwN2.js
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/ 0
25 KB 43ms
42ms Other
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/index.D2tyUwN2.js

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 39232f92-af98-4637-9245-5d9bfb6ed2e5-1729105083
content-encoding: br
cf-cache-status: HIT
age: 5154
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPotHyrkdzkE7AeLdh3oebl4tOrHEJeJ0f17iqO0aKvAxbRcI6RrCjaB5jT81ikIvfK3K06w5nhrQ%2B1e0%2BKDEGKDV8YQ3gZm%2FsW3ZEqaMUTcpgoFiu%2F26ITBZ8jf1g8zBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=19.444, imageryFetch;dur=19.204, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/javascript
last-modified: Wed, 16 Oct 2024 18:58:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/index.D2tyUwN2.js>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc22d8736d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25268
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 233ms
229ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 8Z1zZsx2NHBUDvJz1WnTagRDL60M6dHW4LDVFOwrUkqnYDp9fmALwA==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 app.DhZZMK7-.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
23 KB 41ms
39ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/app.DhZZMK7-.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 0a65753f-7f30-427c-9621-0d8d55db4fd6-1728671365
content-encoding: br
cf-cache-status: HIT
age: 438564
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dNbpa0Od2pqEnNHvTq0aXXVw4lLtx7463us94DGABA%2BTz3yhKopKniMCSHpis8%2FycBp5mE0Wmo4GkEfZQgEImUKyZtccOEQcmeF1iBVGdDaEdENlnndnaktcSHzPvFIEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=18.015, imageryFetch;dur=17.691, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 18:29:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/app.DhZZMK7-.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc29e2536d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22602
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 112ms
111ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 85zFCT5DF6hJZpmq-2UyATfAQmgSkN1hRPbd4IqfQhndIWcFxs2YqA==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 OnePage.BL1uXB7_.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
2 KB 46ms
43ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/OnePage.BL1uXB7_.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 1d4de7ed-aff4-48b1-8058-3129d3ddf1ab-1728408676
content-encoding: br
cf-cache-status: HIT
age: 701542
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RAmVeQJw%2Bf40MlceoqSBO%2FgaUtbYfKx5HUpCZdmJ5nIImwTXf5vSksEY3aLWN6%2BF8ZJLKBeJjgCzHRWOx4x5wwQZnkoge332Lqx%2FIQqVRRSNZviFYvjecVNP9MMycHux0g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=19.209, imageryFetch;dur=19.045, cfRequestDuration;dur=19.000053, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 17:31:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/OnePage.BL1uXB7_.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc31f0f36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1057
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 287ms
281ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 7clmR4D7rCYjy8f3GGQr03FEXRB6BXnVnuGuW95_x5B6c7nfmxBixA==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 DeliveryMethodSelectorSection.DNerkzQV.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
3 KB 41ms
40ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/DeliveryMethodSelectorSection.DNerkzQV.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 696b9e1e-a28b-418d-a9d0-be98903126b8-1728685876
content-encoding: br
cf-cache-status: HIT
age: 424486
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMgZe43J37wrHl3Ofzu8QYqN6%2BxxZuNEUn9cTL93Z%2FnSGYGIClyfL7i3TePDkomLQSDbg%2BxfFBl4mCZdWedbLUtLYNW0iSdxuNgOHD2SONxzvNy8lXpoGkW96lwDsOntNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=23.334, imageryFetch;dur=23.077, cfRequestDuration;dur=14.999866, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 22:31:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/DeliveryMethodSelectorSection.DNerkzQV.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc36f8736d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2255
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 295ms
294ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 94WfddERabxGrIwL8SkmdfjK4DxidBG1XQBX3yRIn1sVqz0LuMGY8Q==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 Rollup.o9Mx-fKL.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
1 KB 45ms
44ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/Rollup.o9Mx-fKL.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: a1a754f1-c27d-45d4-9ad1-50c096f5409d-1726796919
content-encoding: br
cf-cache-status: HIT
age: 1297235
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=annJTU9R8rureQ6qxIuVMd3UxbcJuTrJR7jYsZ60PSeiwrs%2FAFgLD4Mfjczs5gV0k%2BkqEEaxALSd%2BDU3QjqAlOaxlhHIX8n5j4hitZ7adOHIRWrJlCU76oPeAIzLLvaSuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=18.305, imageryFetch;dur=18.122, cfRequestDuration;dur=13.000011, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Fri, 20 Sep 2024 01:48:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/Rollup.o9Mx-fKL.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc3a80536d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 358
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 311ms
309ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: HoK6tpzWPCxN8qs3_YkwSL8GCzSRhgX_QV9axsok1m0YfyT4AZeoWQ==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 SubscriptionPriceBreakdown.Bqs0s4oM.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
861 B 44ms
43ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/SubscriptionPriceBreakdown.Bqs0s4oM.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 779b5044-0243-4407-bb57-44849577f8c0-1726794895
content-encoding: br
cf-cache-status: HIT
age: 1296993
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iofC0jE%2FQCOi1TxruMzale06nq%2BQ%2FrdQrywCf78o9cl%2FQ6PJwVTjB%2BHtYZN8v5NoQQdFyNMqPaoTXLfvu9zIBF8WQbt5ZhrIv%2Bk2542SU%2BopoKMbCKkFuhgG74qljiyW6g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=16.409, imageryFetch;dur=16.262, cfRequestDuration;dur=17.999887, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Fri, 20 Sep 2024 01:14:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/SubscriptionPriceBreakdown.Bqs0s4oM.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc3f86f36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 312ms
310ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: rCRectVu2OA1lJQ9l5dWG2LWAzHIN_7A_r-iyiYf1Sv3eRuJgjBroA==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 ShopPayLogo.D_HPU8Dh.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
856 B 44ms
42ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ShopPayLogo.D_HPU8Dh.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 9fbd4cf5-ce60-4bc3-ad1c-8981b1a46b29-1725976287
content-encoding: br
cf-cache-status: HIT
age: 3128647
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BeOVGTXQ%2Fvik0Br1dS%2B9Zk0UPIIxdDa3N8vo4htHLjqCFNPueeXGhO5ofbxKx1uA1y%2BQZZIywSoOHuXm2CMfHCqUnLKgGKVU1DRKhkHhfTw2w8nBEQ3OMoVN7oZVY8Zm3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=18.105, imageryFetch;dur=17.874, cfRequestDuration;dur=13.999939, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 13:51:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ShopPayLogo.D_HPU8Dh.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc448d236d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 122ms
119ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 3jgRkvZ8dMgrkUS48LSQCV0qcfwkJNB-SbtGoiFrkfKTTf1Z80lwAA==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 PickupPointCarrierLogo.C0wRU6wV.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
810 B 38ms
37ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/PickupPointCarrierLogo.C0wRU6wV.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 0fd24992-20c5-454d-b032-6f3dc47f4f24-1725976288
content-encoding: br
cf-cache-status: HIT
age: 2266402
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FvbogEkhlqGlBgwkqf9rJRXvLEgJ%2Bn646SwFkJztPOGMRTvTk514goWPjhUVBZ7SAK87oeQNuzeKmeFvIeEC70Q44zRvT%2Bi7WhDg5eowQs5lW64DwVAYT0KejeWJi0%2BAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=22.209, imageryFetch;dur=21.967, cfRequestDuration;dur=11.999846, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 13:51:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/PickupPointCarrierLogo.C0wRU6wV.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc4891b36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 311ms
309ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 5CsiT0HeIitZe3ZqN4XKhJnIpyJ11LuSvGsBHXlRKDl9WwqTdvHWbw==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 VaultedPayment.Bk8Je7sI.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
2 KB 39ms
38ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/VaultedPayment.Bk8Je7sI.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: a13a5c43-52a3-4710-a4eb-3bcd445808a1-1728488682
content-encoding: br
cf-cache-status: HIT
age: 621853
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2iUZ06WYy1Vr9rqImcjA2oT1lHNVNhkj%2B%2BK7ilZp4z%2BwrqFRqJrhxUUwiLNuO5pZ%2B56iZdhGaksa0WSlfeCTLGnd6zjZ4mVoQuJMEa%2Bs3ED6VzMLMB9UU%2Fpc1ALbFhLLsw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=20.347, imageryFetch;dur=20.155, cfRequestDuration;dur=13.000011, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Wed, 09 Oct 2024 15:44:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/VaultedPayment.Bk8Je7sI.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc4c95836d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1500
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 308ms
306ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: gXHLi1TsFDD3dGYCPMQQhHyUsaZ9N3iSzOFDvs50huX4jHdcdJ0GkQ==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 Section.sQehCocD.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
826 B 60ms
59ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/Section.sQehCocD.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 882cee48-2ba8-43bc-820a-354886f92a65-1725976291
content-encoding: br
cf-cache-status: HIT
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSpUGY5vF0Ov2kRN0YyNDmfKPxAhWnbr1bIPCblZFPfUb0dtnKPHVunVU15%2BlDN0emeUAa95J6z53WxX7mDK4BKShewiJnZ15mureY9IeTOLohlVAp%2BNM7ZPSIt4WjpBlg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=14.933, imageryFetch;dur=14.650, cfRequestDuration;dur=32.999992, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 13:51:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/Section.sQehCocD.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc5199336d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 314ms
312ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: FBb_MGleKtcBiNCXD5AtgvEsMN6EewSlW7xpl9ueGEebt5kn_I35Kw==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 ShopPayLoginLoader.CjGSo8kt.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
868 B 41ms
40ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ShopPayLoginLoader.CjGSo8kt.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 43fbe7e4-4a70-495e-a812-b0105500555c-1728408676
content-encoding: br
cf-cache-status: HIT
age: 10134
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F9bjpTGtqY9L8OBVY%2FaqXvqaafLw6foGj2H%2BZuTho3eZHJjg1m6t74uoqmbNvz3VLcF6wJFQgF5SYGIOszLH%2BHVRvOOGAf6VRIUahG%2FGUpkHJ%2F54Is6llWvh1fPbJWK02Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=19.568, imageryFetch;dur=19.389, cfRequestDuration;dur=14.999866, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 17:31:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ShopPayLoginLoader.CjGSo8kt.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc579fc36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 95
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 297ms
295ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: UWJYGI1zHWJQSGKUTKVEZW3tgjC7W2EtTkiH6uZ9cL3jZCY2FiQe9A==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 PayButtonSection.DF7trkKf.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
894 B 41ms
40ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/PayButtonSection.DF7trkKf.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 619740ee-5769-44ff-9c3c-24c11c48c14a-1725976292
content-encoding: br
cf-cache-status: HIT
age: 1233772
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSU1a4YeUaHRVK0Uh9SOp15Hs9nnH%2BxkdfB9d%2BcPwHrDPglddwZj6mWSaTy6XlgEia4jMkUZfCa4zKby8Wp7ahbnduGdChTu%2FnVqdjy2ukE8lE4jPqYMZquApCA31H0Row%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=24.943, imageryFetch;dur=24.742, cfRequestDuration;dur=15.000105, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 13:51:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/PayButtonSection.DF7trkKf.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc5ba7d36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 304ms
302ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: -gLdw3vfOXCP9UalU3TwjG67LZxhHlaAuXr2v7DRoj_HgYUkgu_PKg==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 RageClickCapture.DnkQ4tsk.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
867 B 42ms
41ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/RageClickCapture.DnkQ4tsk.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 85378437-6e1c-407c-b350-3967ade02d79-1725976287
content-encoding: br
cf-cache-status: HIT
age: 2266403
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTcDROVA%2FkiaHItTDJziVbDI8rV1eI7%2F5U4ix3t7lcslfiSiSDVP%2FDwEiOTHidpNeDL0olG%2B5xIiaShrmJ7Vf5waIJ8Es4wsimb%2FSwU%2FGZe9sCz622C7Ynyb19kzOSoqNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=20.334, imageryFetch;dur=20.093, cfRequestDuration;dur=14.999866, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 13:51:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/RageClickCapture.DnkQ4tsk.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc60acd36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 98
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 308ms
306ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: PvT0TcET6sYcihds19vjc5zc5gHwaNYAHyRCYhhboWmD2uZoIvAVaw==
date: Wed, 16 Oct 2024 21:34:06 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 DutyOptions.CtZGmwZL.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
2 KB 42ms
41ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/DutyOptions.CtZGmwZL.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: bdfa6d99-eafa-48db-b219-d81d8bcf0a8a-1728488682
content-encoding: br
cf-cache-status: HIT
age: 621853
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fX8osjnzt%2Fw%2FuyE0AoTie4JyCK%2BWRP72lCG5IVfISnNs1vwqHwXg47JH1KZBvX550Vi4rTZ7cN8brd2H8eqhWq1%2FDci%2FlHYY18jCE%2BbLpaG%2F5OIxQXIpa4Wfjlg8wK%2BHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=28.192, imageryFetch;dur=27.843, cfRequestDuration;dur=16.000032, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Wed, 09 Oct 2024 15:44:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/DutyOptions.CtZGmwZL.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc64b1836d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 981
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 128ms
126ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: tI8uNEQF9WOvUJs75J5UiCAQ_rzlcMKgUTcM2Z1SWD7cGcjNPCFsDQ==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 useAmazonContact.D-Ox6Dnf.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
916 B 39ms
38ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/useAmazonContact.D-Ox6Dnf.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 331cbf7d-ee96-4270-aad1-8e61e07056bd-1727888095
content-encoding: br
cf-cache-status: HIT
age: 1219762
x-dc: gcp-us-east1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B20Dm0%2FBbhiJlwMfTs6%2FqMjRUTXHVmX2DMT%2FzPYLxjISxNo0aq5SUgctBbAdeuABHwrYRuymWVJvsTyAgx6uo2syv7gGEW8xW02xyM1k1m3YC7VV1QEco1hU33KlSYIpqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=18.010, imageryFetch;dur=17.859, cfRequestDuration;dur=11.999846, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 16:54:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/useAmazonContact.D-Ox6Dnf.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc69b7b36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 144
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
959 B 114ms
112ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: MmNpJRklX1pSpFzWelsSyBlMXtscZjSLjIiTinEnkESUgOjRsn49Bg==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 StockProblemsLineItemList.CxdIQKjw.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
850 B 42ms
41ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/StockProblemsLineItemList.CxdIQKjw.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: f9aff8bd-7c72-41f9-8a18-e912afee3f2f-1726794895
content-encoding: br
cf-cache-status: HIT
age: 2266402
x-dc: gcp-us-central1,gcp-us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvjjk0uUuZqdNEqgShsNK93JWSBXhyVG10Ud7A1JAJQjR%2BSAIr65Cfw8XMehCATBQG1aPmZpxCGabvR9xe2xxnOlstIueiwyRKTA1MP8%2FuDZd5gzbRN59SysRHXH%2FmV0Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=19.504, imageryFetch;dur=19.339, cfRequestDuration;dur=16.000032, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Fri, 20 Sep 2024 01:14:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/StockProblemsLineItemList.CxdIQKjw.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc6dbdb36d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 112ms
110ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: ZQYiZ4VybYfHD3ZAFE102v7qKE_-gSxArlcPpdvJhUavlcbGASlzJA==
date: Wed, 16 Oct 2024 21:34:05 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 ShopPayVerificationSwitch.CAxiAssW.css
cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ 0
1 KB 38ms
38ms Other
text/css 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ShopPayVerificationSwitch.CAxiAssW.css

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: cd836f61-a9ea-4bd8-8863-610e5e3abd39-1725976294
content-encoding: br
cf-cache-status: HIT
age: 508954
x-dc: gcp-us-central1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXQ%2FKzDK4dqONjxXvm5jkJOpewCvBMoUr%2FRnOrJ5WBz7vDqf%2FWTi774DTrBdxgNXASkuzywJ8LTcVsgeOOv3OY0wftzW7qIqbAGhLJvGl2v2xs5Kh6KzP94DumZn9h9W1w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=17.832, imageryFetch;dur=17.659, cfRequestDuration;dur=13.000011, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:05 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 13:51:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/shopifycloud/checkout-web/assets/c1.en/assets/ShopPayVerificationSwitch.CAxiAssW.css>; rel="canonical"
cache-control: public, max-age=31536000, immutable, no-transform
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc71c1936d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 678
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
957 B 299ms
298ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: 5fzkyEuQazteLAYvcdH9sub_RroMVB6-98-Lp2XUJnrGLh-_uFsRug==
date: Wed, 16 Oct 2024 21:34:06 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 2_1_x320.png
cdn.shopify.com/s/files/1/0141/8838/0214/files/ 0
43 KB 55ms
54ms Other
image/png 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0141/8838/0214/files/2_1_x320.png?v=1661197255

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/checkouts/internal/preloads.js?locale=en-CA

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bfitamazing.com
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: 7c442614-c8e0-47a3-a881-a8ec70617c8a-1715635879
access-control-expose-headers: *
cf-cache-status: HIT
age: 2266401
x-dc: gcp-us-east1,gcp-us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LM1d6WwzCHYiBDLzqwPVN8eTyuMCfGXbiQF7ydEkuFo%2BLRv8xr3839EVv8zlyFm%2B1p%2FvlPqSDgEMsdh%2B4C%2BMUdu3frVSubO2R6G16o24Qdte4ynJJeez928%2F142LgC42tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: imagery;dur=152.688, imageryFetch;dur=41.199, imageryProcess;dur=110.044;desc="image", cfRequestDuration;dur=27.999878, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:06 GMT
source-type: image/png
content-type: image/png
vary: Accept, Accept-Encoding
last-modified: Mon, 13 May 2024 21:31:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
link: <https://cdn.shopify.com/s/files/1/0141/8838/0214/files/2_1_x320.png>; rel="canonical"
source-length: 22777
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d3b2bc75c6836d4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43492
x-xss-protection: 1; mode=block
x-shopid: 14188380214
server: cloudflare

POST
H2 200 log Show response
widget.sezzle.com/v1/event/ 12 B
958 B 111ms
109ms XHR
text/plain 2600:9000:2511:9000:f:5e39:d380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.sezzle.com/v1/event/log

Requested by

Host: www.bfitamazing.com
URL: https://www.bfitamazing.com/cdn/wpm/bf89442e3w5976a1a5pcc3547ffmf63603f5m.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:9000:f:5e39:d380:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bfitamazing.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-content-type-options: nosniff
via: 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 12
x-amz-cf-id: Qezjuj5-xfmoO9FKI0JIRHGHgeUMCdpzvMm9XfieV0eLbijBc1qw2A==
date: Wed, 16 Oct 2024 21:34:06 GMT
x-xss-protection: 1; mode=block;
content-type: text/plain; charset=utf-8
vary: Origin
x-amz-cf-pop: JFK50-P6
x-frame-options: SAMEORIGIN

GET
H3 200 3_1600x.jpg
www.bfitamazing.com/cdn/shop/files/ 73 KB
74 KB 45ms
44ms Image
image/webp 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bfitamazing.com/cdn/shop/files/3_1600x.jpg?v=1661106972

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

7964c2cebfe6257b1527cb8818c782e6e43e7fb130482761407d4613474576de

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bfitamazing.com/

Response headers

x-request-id: cbf38768-6bb4-4e12-a498-7a42078baa32-1720367845
access-control-expose-headers: *
cf-cache-status: HIT
age: 14014
x-dc: gcp-us-central1,gcp-us-east1
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1tehJjwrZYeV%2FdOcPuIx9iVNh6ZjDpJSo16wQZv808Iv9jrKnrV6Er8RJlviNSLL38NCPe6ZmOpufAmQiC8skEdbWVWeqKFdGiWaYfLsX8edC45Uzn0yhKF8AcE%2FQX3783Js58%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-sorting-hat-shopid: 14188380214
server-timing: imagery;dur=641.288, imageryFetch;dur=118.311, imageryProcess;dur=521.005;desc="image", cfRequestDuration;dur=17.999887, cfExtPri
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 21:34:06 GMT
source-type: image/jpeg
content-type: image/webp
vary: Accept, Accept-Encoding
last-modified: Sun, 07 Jul 2024 15:57:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
source-length: 649358
content-security-policy: sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cache-control: public, max-age=31557600
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8d3b2bc96b5c42e4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75140
x-xss-protection: 1; mode=block
x-sorting-hat-podid: 272
x-shopid: 14188380214
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bfitamazing.com
URL: https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/web-pixel-182780177@4fd0680eed907adaf3f85849c393d688/sandbox/worker.modern.js

Domain: www.bfitamazing.com
URL: https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/web-pixel-12976401@bb41bf091d86ec09beb5141ead6fafc0/sandbox/worker.modern.js

Domain: www.bfitamazing.com
URL: https://www.bfitamazing.com/wpm@f89442e3w5976a1a5pcc3547ffmf63603f5/web-pixel-shopify-app-pixel@0220/sandbox/worker.modern.js

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 00:20:00	Name: X-AB Value: cc8f398e6c2d4b84b15908c5e6ccf9a3
www.bfitamazing.com/	1970-01-21 09:04:10	Name: secure_customer_sig Value:
www.bfitamazing.com/	1970-01-21 09:04:10	Name: localization Value: CA
.bfitamazing.com/	1970-01-21 00:20:00	Name: _cmp_a Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.bfitamazing.com/	1970-01-21 09:04:10	Name: _shopify_y Value: aa04f15a-4ef5-4d3e-bd79-f20b66b407b3
.bfitamazing.com/	1970-01-21 00:38:44	Name: _orig_referrer Value:
.bfitamazing.com/	1970-01-21 00:38:44	Name: _landing_page Value: %2F
.bfitamazing.com/	1970-01-21 00:18:36	Name: _shopify_s Value: 5dc1be37-f0c2-4903-987c-85db9d26929a
.bfitamazing.com/	1970-01-21 00:18:36	Name: _shopify_sa_t Value: 2024-10-16T21%3A34%3A00.725Z
.bfitamazing.com/	1970-01-21 00:18:36	Name: _shopify_sa_p Value:
www.bfitamazing.com/	1970-01-21 09:54:34	Name: __kla_id Value: eyJjaWQiOiJZak5rWkRVNVpqZ3ROVEZtTlMwME9XUTBMV0ZpWVRndFltUXlaalppWldReE1XUTAiLCIkcmVmZXJyZXIiOnsidHMiOjE3MjkxMTQ0NDEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJmaXRhbWF6aW5nLmNvbS8ifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MjkxMTQ0NDEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmJmaXRhbWF6aW5nLmNvbS8ifX0=
.bfitamazing.com/	1970-01-21 00:20:00	Name: _gid Value: GA1.2.2034891129.1729114441
.bfitamazing.com/	1970-01-21 00:18:34	Name: _gat Value: 1
.bfitamazing.com/	1970-01-21 02:28:10	Name: _fbp Value: fb.1.1729114441722.2199252653615114
www.bfitamazing.com/	1970-01-21 09:04:10	Name: _pin_unauth Value: dWlkPVlUY3hZbU5oTWpJdFltVXpNaTAwTkRZeUxUbGxOMkV0TTJNd05HRXpaakZqWVRFNQ
.pinterest.com/	1970-01-21 09:04:10	Name: ar_debug Value: 1
.bfitamazing.com/	1970-01-21 02:28:10	Name: _gcl_au Value: 1.1.1208178091.1729114442
.ct.pinterest.com/	1970-01-21 09:04:10	Name: _pinterest_ct_ua Value: "TWc9PSZhWCtDYkhJSWYyeWFCcU9ISFRIRS9OdGtjYmh5dlBqb0dVUjF1bVRHTUVPT2M4VENNeXkrQitjSGp1TFdCVFFpS2F2OUxVeHpSTWlnYlc0RVc4TE1Ta3NzMndGY3c1TXA5ZWFuOXoxS3RnND0mQ3h5cm9MY1NhSWFFcUU2a3JuS2xQZktldS9RPQ=="
.bfitamazing.com/	1970-01-21 09:54:34	Name: _ga_HSXT121041 Value: GS1.2.1729114441.1.0.1729114441.60.0.0
.bfitamazing.com/	1970-01-21 00:18:34	Name: _gat_gtag_UA_135046488_1 Value: 1
.bfitamazing.com/	1970-01-21 09:48:21	Name: _scid Value: IHh47Ai-p08rKNN1TD7x6zeNNGasPHPM
.bfitamazing.com/	1970-01-21 09:48:21	Name: _scida Value: _62qBPFaTvU2PuF58gtmtAezZo6V2Br9
.doubleclick.net/	1970-01-21 09:54:34	Name: IDE Value: AHWqTUn393sOdF4MgMsXy1JXbHlYe0gmuyG-tjOD8lZzpShWXV1gMW--1ZkgaiDA
.bfitamazing.com/	1970-01-21 09:54:34	Name: _ga_2X1C9W64Y0 Value: GS1.1.1729114442.1.0.1729114442.0.0.0
.bfitamazing.com/	1970-01-21 09:54:34	Name: _ga Value: GA1.1.583531992.1729114441
www.bfitamazing.com/	1970-01-21 00:18:36	Name: keep_alive Value: 719b1b18-4aa6-4920-92d3-cf88ee567895
.bfitamazing.com/	1970-01-21 09:04:10	Name: _tracking_consent Value: %7B%22con%22%3A%7B%22CMP%22%3A%7B%22a%22%3A%22%22%2C%22m%22%3A%22%22%2C%22p%22%3A%22%22%2C%22s%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%2C%22region%22%3A%22CAQC%22%2C%22reg%22%3A%22%22%2C%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.bfitamazing.com/	1970-01-21 09:48:21	Name: _scsrid_r Value:
.bfitamazing.com/	1970-01-21 09:48:21	Name: _scid_r Value: Ofh47Ai-p08rKNN1TD7x6zeNNGasPHPMByYOKggtqgTxWk71Nj7hefILZrQHs2aOldga_b3zc_M
www.bfitamazing.com/	1970-01-21 09:04:10	Name: _ks_scriptVersion Value: 311
www.bfitamazing.com/	1970-01-21 00:20:00	Name: _ks_scriptVersionChecked Value: true
.bfitamazing.com/	1970-01-21 00:28:39	Name: _ScCbts Value: %5B%5D
.snapchat.com/	1970-01-21 09:40:10	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GyRHAMAgDwIqYAVnEId34UBcuPl/vazFF4R0mOoy10+pZaZ5zK1bjgE7Qv+ioCJLtXPUfzqMf8UAAAAA=
.tapad.com/	1970-01-21 01:44:58	Name: TapAd_TS Value: 1729114443432
.tapad.com/	1970-01-21 01:44:58	Name: TapAd_DID Value: 3e9a2684-0a59-4c16-abf6-b1c95d917f60
.tapad.com/	1970-01-21 01:44:58	Name: TapAd_3WAY_SYNCS Value:
.bfitamazing.com/	1970-01-21 09:48:21	Name: _sctr Value: 1%7C1729062000000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.config-security.com
app.kiwisizing.com
cdn.jsdelivr.net
cdn.shopify.com
checkout-sdk.sezzle.com
code.jquery.com
conf.config-security.com
connect.facebook.net
d34uoa9py2cgca.cloudfront.net
d3ejra0xbg20rg.cloudfront.net
d3ithgl79uu5su.cloudfront.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
intg.snapchat.com
reconvert-cdn.com
sc-static.net
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
td.doubleclick.net
tr.snapchat.com
triplewhale-pixel.web.app
widget.sezzle.com
www.bfitamazing.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.merchant-center-analytics.goog
www.bfitamazing.com
142.250.64.99
142.250.80.100
142.250.80.66
142.250.81.232
142.251.35.162
142.251.35.163
142.251.40.238
151.101.130.133
151.101.194.133
151.101.66.133
157.240.241.1
172.67.192.204
18.164.131.94
23.227.38.74
23.227.60.200
2600:1901:0:e57f::
2600:9000:24f1:ea00:7:67fb:be80:93a1
2600:9000:2511:9000:f:5e39:d380:93a1
2600:9000:26fa:2200:1b:6fb2:b780:21
2600:9000:28b2:2800:0:8879:1f00:93a1
2600:9000:28b2:e200:13:39e7:1700:21
2606:4700:20::681a:340
2606:4700:20::681a:e45
2607:f8b0:4004:c06::9a
2607:f8b0:4006:806::200e
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::200e
2620:0:890::100
2620:127:f00f:e::
2620:127:f00f:ff01::
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::649
2a04:4e42::485
3.163.245.4
35.190.43.134
00d5faf1a33d111264fb6ef858eee867d64611f91fc3e033db07d322fbdfa340
0339974e1ad182755334d2ed3f5e266d7e146ed05f118b49a9c104b330fd9034
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3
12082b51f80f43f2faac9b6158d0494c621b509a9214ede618e191c462d91465
12785cb6f51eedfe924046634d53e20c66c270da4ed4372015e5127d6df52c05
158c964b4b611ae075fc8a19378787a4059ce46c4ba806153b7a3348ed47e52a
19e8763af18365ca32b324c6310c4f7e5f123c2dc4be12d34f3afc5473fb9bdf
20e3f78641278b57ca2499f3d2a2bbb7c564cb72c6290851d3e91ec18885a137
2788c0531b662b060dfde5958ea94c841a39ae5f901947c5fca39dfb5bcb1c0a
301113c8498676b8498c47191c89fe66b5f862c777c00d23224830da16928c8c
30cbebde9bc44c8629171efedc723e5c37ec93bb1f510b9d9439a2495dc3646d
3261fa7a88e5c34de2e2d09fa78e5521967233bd12f75d1bb1bc6ca08f2bd61b
32cd77fd7a2ef5b09be5beef1a6148e3e3d930c544e792ab14ed947ac2ad921d
3774c935fed760f49fdb7cef27ce2db9c3b5facc81e9c464c78ec48a0c777bdb
3da35fa622f089b4303970e070e9a45461bd1f8c486731641575e2312e940d71
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443aa67e34ea17fd30448470318c93545e09089376a98284d8fca90b903fa2c1
44c533accdaaf6807e71f3ab9a98402c13cf12abeb5ea8eb4adab04e7ec2a1a6
4550d9663af4d6f309c0801f8fc39d99c6efac7af4f36538d336e48d61c2f5a8
468e777478117be830b202b97cdf0304bee6f3d9fd4cb1ce70650ed93b7fa4a1
48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66
49f67b0e93def654d7510dc869e36d8a30d1a70a3e55990619d28f0e3cef2647
4a74f4a719e2aeec87d3a9deae04383c434484d9f6c45ad6c3e0522dd1af253a
4b40284832da9ac4590fcb6099da89396dafe7bc1fe63f7f68451a66b79e5b48
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4f6de0668340817dc2f5add9a31011870ec026672717e78880e35b18b018ac82
5042c15d11141a168aac36b91fefb9e8a5400de64b810b0d0bd53b10dcee07ab
537b1ec6bb5c03f08b46f53ac545641bb18297c32acfdc1978b38494b6890216
5bbd9766838bf11e3ff360ec5cbb60d6ada352fbad7f7691e24f847313b9b1d4
5cf4882c19e095a337f473d17181c0495b438c0c0e7c8036e0e7c05c884900dc
5fddec91d28f6d528291f1e6b47599a4a9e0ea81c96990baae19708b69dc9388
61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626
63d11ec2d6d2cd59ad74c57271af03ed7628844e72c76a1210775f6b524cec54
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cba8af2349025da789b0cb1d647df9fbb0f944f5af1c27198afc12cfcfcab4d
6eaa7d84867f4a3f58d1cff2d44b4d4adfcc58072a48d761fe092b7e6172b253
74296de1f373b34282073f19bdc74d2992a036721c4541992443b879c47b7c35
7769261830400ef639663fd747fb7e8bd78bab9f6da70e7366bd5bfd297e2b9c
7964c2cebfe6257b1527cb8818c782e6e43e7fb130482761407d4613474576de
845035c98d06ef965ab8247d3125482e55e60f0cb0f1df417e0dcb515e01f108
856660aad236f69c3a5b7ec40674e38ebbbd095533a235c28e8b85cee9c1b261
85d5ac1d160aef42c670cec3362747ce9452c85a2e3a82e4753a960616e7d93a
872ac92354b1355aa78dfb07d23abd33d15ad8996c8044f38f47d537fc47248b
892e2e7753150d401738d32596d2002f0bd4f72732da65cf95d8a796cff7d8b2
8b4a20102133b4f374090f8e896adbe18b58969bc5125d9daf316b2856970a88
8d702707f2225f15e41a83292f1ae349fabeb590c257526b64abaeaf53c76357
96b8d2906cb2af51cc386371734d9e1074b644ed4a5c375fce2f5cddf3b834eb
9b269ecdca61dbfbd68563737cb9a48ae529c5675fb0b4a5238c6b5142bbd9a7
a3c053d11506f3f1ef0795f89739c8a0f99e4e2d50fc05205b4ec0a818a32c57
a45427201f10ab957d0c8abffb1b023662880f1fd803a60dfc024c2b1dc71d0a
a52d5d5f122b5467fff12dc296c83336426ee8dc90be7ce1042e07f99c6c9f03
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad093efc6d2cd6df2b7563140acf51f71072b8a650b900ad0007f61d42ae8128
b183b15cf4982eeae148cf6f04840c22870d7f0ff9766e2b73e1f01bf1b989c7
b4224ae540e67bc666a3f7bc9ac54963e2dbb319444dbc00c58778f484f7b5f1
b59d5f1c395f6c6931df5d01e7de4086834c7098cdfd6d043fb5199b5dae2236
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bf41a7b9f94976331005fe1f97a3194ddefc3a976d82b57b2e38e5f0f7ea3f0f
bfabda5afe2be68701414d334a01b2cf8154ad081f01a634fa8185e9be50cb2f
c38660534a219103f17b924d13d0f0e67554bbda1b4b45e45ef48d1d390c020d
d006c54a029c959c5d071460f27253c76afef2353be4c685a741487b2e0cfa41
d1e26c3e6af32b965902df34319e98f02ca064c0eca4048fa364357548a8b28e
d2586e045767a0379e2072dc2fd04a86e9b2514620ffab62af46318aa20e2f01
d2b291648a1d42780b0044c40578a04c3f7e117284720ec3129c55b9c4acd6bd
d5879d269f2dbd49d4dc19794123d70799fe26f1effa9ed0d90224e26fab3dfe
d7385315ce8ef687578ffaea21652329fb265b61794683454fd49d11c9a18436
d788eb70230807f3fd125f0560a60a91cebea68622ce588cec35c486b3e8d81f
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
dbbc0bd4a4a39a1230786666756234e6c7067f543dedfaf3dd81265f37bbc3b2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1c5b6927130c22739a4c5630cbbec5c870b5f52d0389146778505bf66100cd3
e1fd54ab6ddcbd5c290bf0293dc1e428a8bc0ee2a2723b344398d663449487c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e1a662efe9f5d98df0c8f00c64fe3927308691a8fd90135f29fa9c08ff87b1
ea56502693fda98428697c457b61f6b75a251aa229033d1986cb06f50b5b4c09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d1a743cf6932fe03063fabcf867d8dffa59084b63d84edea9922320f8748c9
f4e7948c1c9e4f45ef404dbb8b5dbcaa265bad73ea228bf111efe71177b448d9
f8a6da3f23efa5d729d1cb8ac8da43bab8f3ec27583974f961dc154c77c59613
f99eeca80bb5c5e88ba7788559ba51a6729c2421c960db2537d396802d0ee82b
fbb91ff03cc055902dea0e6e1b0a9d414a3040e57d5077480333b9a19336fb15
fd5176567526e8f17282da8e6dad1600f84c5f04021c64efde95e9f82e7e78fa
ffaf3b7f34955e1c40b72cab3f9c84a08869774c525b76cbca16dc4b08593b08

www.bfitamazing.com Open in urlscan Pro 2620:127:f00f:e:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

226 Requests

98 %HTTPS

55 %IPv6

24 Domains

35 Subdomains

38 IPs

2 Countries

2093 kBTransfer

4087 kBSize

37 Cookies

22 Outgoing links

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bfitamazing.com Open in urlscan Pro
2620:127:f00f:e:: Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

98 %
HTTPS

55 %
IPv6

24
Domains

35
Subdomains

38
IPs

2
Countries

2093 kB
Transfer

4087 kB
Size

37
Cookies

226 HTTP transactions
1 data transactions