urlscan.io logo urlscan.io
SecurityTrails logo

xbloom.com Open in urlscan Pro
23.227.38.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xbloom.com/
Effective URL: https://xbloom.com/
Submission: On June 10 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 4 countries across 41 domains to perform 255 HTTP transactions. The main IP is 23.227.38.32, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is xbloom.com.
TLS certificate: Issued by R3 on April 26th 2024. Valid for: 3 months.
This is the only time xbloom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
102 23.227.38.32 13335 (CLOUDFLAR...)
2 2620:127:f00f... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
14 151.101.2.133 54113 (FASTLY)
1 2600:9000:26c... 16509 (AMAZON-02)
15 2620:127:f00f... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
3 151.101.66.133 54113 (FASTLY)
2 151.101.193.140 54113 (FASTLY)
2 2a03:2880:f00... 32934 (FACEBOOK)
9 104.18.72.113 13335 (CLOUDFLAR...)
1 18.160.41.49 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
5 23.212.251.18 20940 (AKAMAI-ASN1)
1 2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.249.39.93 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
3 104.16.51.111 13335 (CLOUDFLAR...)
1 2.23.138.46 16625 (AKAMAI-AS)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:250... 16509 (AMAZON-02)
1 1 52.85.61.47 16509 (AMAZON-02)
1 2600:9000:201... 16509 (AMAZON-02)
1 104.197.53.66 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:207... 16509 (AMAZON-02)
2 138.68.32.225 14061 (DIGITALOC...)
1 2600:9000:208... 16509 (AMAZON-02)
4 2600:9000:219... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:250... 16509 (AMAZON-02)
1 2600:9000:24f... 16509 (AMAZON-02)
2 3.162.112.58 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.85.132.5 16509 (AMAZON-02)
1 2600:9000:24f... 16509 (AMAZON-02)
1 2600:9000:250... 16509 (AMAZON-02)
1 34.96.97.208 396982 (GOOGLE-CL...)
1 34.241.27.40 16509 (AMAZON-02)
2 34.195.184.210 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:24f... 16509 (AMAZON-02)
5 35.174.88.173 14618 (AMAZON-AES)
1 2600:9000:24f... 16509 (AMAZON-02)
3 54.198.164.148 14618 (AMAZON-AES)
1 2600:9000:201... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.160.41.29 16509 (AMAZON-02)
255 64
102    23.227.38.32 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
xbloom.com
2    2620:127:f00f:ff00:: (Canada)

ASN13335 (CLOUDFLARENET, US)
shop.app
5    2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.klaviyo.com
fast.a.klaviyo.com
1    2600:9000:26c1:600:2:9231:580:93a1 (United States)

ASN16509 (AMAZON-02, US)
d3hw6dc1ow8pp2.cloudfront.net
15    2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)
cdn.shopify.com
2    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
3    151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static-tracking.klaviyo.com
static-forms.klaviyo.com
2    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
alb.reddit.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
1    18.160.41.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net
static.hotjar.com
2    2606:4700:20::681a:a8b (United States)

ASN13335 (CLOUDFLARENET, US)
api.bixgrow.com
3    2607:f8b0:400d:c0d::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    23.212.251.18 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-251-18.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2607:f8b0:4004:c0b::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2607:f8b0:400d:c0e::64 (Morganton, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2607:f8b0:4004:c17::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.merchant-center-analytics.goog
1    13.249.39.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-93.iad89.r.cloudfront.net
script.hotjar.com
4    2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:1408:c400:5::17c7:3705 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2600:1408:c400:29::17da:da47 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
analytics-ipv6.tiktokw.us
4    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:400d:c0d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:1408:c400:5::17c7:3727 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
tbdxsupport.zendesk.com
1    2.23.138.46 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-138-46.deploy.static.akamaitechnologies.com
chimpstatic.com
6    2606:4700::6812:1182 (United States)

ASN13335 (CLOUDFLARENET, US)
sdks.automizely.com
1    2600:9000:2501:7000:15:decf:f580:21 (United States)

ASN16509 (AMAZON-02, US)
d38xvr37kwwhcm.cloudfront.net
1    52.85.61.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-47.ewr53.r.cloudfront.net
referralprogramapp.com
1    2600:9000:201e:2e00:1b:9025:e980:21 (United States)

ASN16509 (AMAZON-02, US)
d1xlc0a8mald46.cloudfront.net
1    104.197.53.66 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.53.197.104.bc.googleusercontent.com
social-login.oxiapps.com
1    2606:4700:10::ac43:18ba (United States)

ASN13335 (CLOUDFLARENET, US)
str.rise-ai.com
1    2606:4700:10::6816:2dbd (United States)

ASN13335 (CLOUDFLARENET, US)
strn.rise-ai.com
1    2606:4700:3032::ac43:d7c4 (United States)

ASN13335 (CLOUDFLARENET, US)
gtm.gropulse.com
1    2600:9000:2073:a00:18:94b4:d1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
shopify-widget.route.com
2    138.68.32.225 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: sfo2.digitaloceanspaces.com
sfo2.digitaloceanspaces.com
1    2600:9000:208f:2a00:17:6686:3380:21 (United States)

ASN16509 (AMAZON-02, US)
dr4qe3ddw9y32.cloudfront.net
4    2600:9000:2199:6c00:1:74a3:9240:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.smile.io
4    2606:4700::6812:1082 (United States)

ASN13335 (CLOUDFLARENET, US)
bff-api.automizely.com
1    2606:4700:3031::ac43:8e98 (United States)

ASN13335 (CLOUDFLARENET, US)
sdks.automizely-analytics.com
1    2600:9000:2508:5e00:11:4cd0:7f80:93a1 (United States)

ASN16509 (AMAZON-02, US)
shopify.route.com
1    2600:9000:24f3:8800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
2    3.162.112.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-112-58.iad61.r.cloudfront.net
platform.smile.io
1    2607:f8b0:400d:c0d::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:7c60 (United States)

ASN13335 (CLOUDFLARENET, US)
www.cloudflare.com
1    2606:4700:20::681a:97c (United States)

ASN13335 (CLOUDFLARENET, US)
app.getwoohoo.com
1    52.85.132.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-5.iad50.r.cloudfront.net
api-uploads-cdn.sweettooth.io
1    2600:9000:24f3:c200:2:3d40:da40:93a1 (United States)

ASN16509 (AMAZON-02, US)
protection-widget.route.com
1    2600:9000:2508:e600:1f:af3f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
lantern.roeyecdn.com
1    34.96.97.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.97.96.34.bc.googleusercontent.com
www.automizely-analytics.com
1    34.241.27.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-27-40.eu-west-1.compute.amazonaws.com
lantern.roeye.com
2    34.195.184.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-184-210.compute-1.amazonaws.com
api-stage.route.com
1    2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2600:9000:24f5:f000:9:de83:1280:93a1 (United States)

ASN16509 (AMAZON-02, US)
protect-quote-q.route.com
5    35.174.88.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-88-173.compute-1.amazonaws.com
api.route.com
1    2600:9000:24f4:4a00:1f:4f35:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)
ddbmicszvqxcg.cloudfront.net
3    54.198.164.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-164-148.compute-1.amazonaws.com
wobs.route.com
1    2600:9000:201e:5800:1b:a570:2ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d3od5si8vgcekb.cloudfront.net
4    2606:4700::6812:df0 (United States)

ASN13335 (CLOUDFLARENET, US)
a.klaviyo.com
1    18.160.41.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-29.iad55.r.cloudfront.net
d3k81ch9hvuctc.cloudfront.net
Apex Domain
Subdomains		 Transfer
102 xbloom.com
xbloom.com
2 MB
21 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3470
static-tracking.klaviyo.com — Cisco Umbrella Rank: 4253
fast.a.klaviyo.com — Cisco Umbrella Rank: 4601
static-forms.klaviyo.com — Cisco Umbrella Rank: 4319
a.klaviyo.com — Cisco Umbrella Rank: 4140
153 KB
15 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2411
513 KB
14 route.com
shopify-widget.route.com — Cisco Umbrella Rank: 35047
shopify.route.com — Cisco Umbrella Rank: 33271
protection-widget.route.com — Cisco Umbrella Rank: 52657
api-stage.route.com — Cisco Umbrella Rank: 115558
protect-quote-q.route.com — Cisco Umbrella Rank: 86141
api.route.com — Cisco Umbrella Rank: 69861
wobs.route.com — Cisco Umbrella Rank: 79599
73 KB
10 automizely.com
sdks.automizely.com — Cisco Umbrella Rank: 53072
bff-api.automizely.com — Cisco Umbrella Rank: 51318
91 KB
9 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2393
ekr.zdassets.com — Cisco Umbrella Rank: 2866
223 KB
7 cloudfront.net
d3hw6dc1ow8pp2.cloudfront.net
d38xvr37kwwhcm.cloudfront.net
d1xlc0a8mald46.cloudfront.net
dr4qe3ddw9y32.cloudfront.net
ddbmicszvqxcg.cloudfront.net
d3od5si8vgcekb.cloudfront.net
d3k81ch9hvuctc.cloudfront.net
381 KB
6 smile.io
js.smile.io — Cisco Umbrella Rank: 18122
platform.smile.io — Cisco Umbrella Rank: 19723
93 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
ajax.googleapis.com — Cisco Umbrella Rank: 461
34 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 5
analytics.google.com — Cisco Umbrella Rank: 175
428 B
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 780
145 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
467 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
4 KB
3 zendesk.com
tbdxsupport.zendesk.com
967 B
3 typekit.net
use.typekit.net — Cisco Umbrella Rank: 621
p.typekit.net — Cisco Umbrella Rank: 778
26 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
21 KB
2 automizely-analytics.com
sdks.automizely-analytics.com — Cisco Umbrella Rank: 32786
www.automizely-analytics.com — Cisco Umbrella Rank: 24049
15 KB
2 digitaloceanspaces.com
sfo2.digitaloceanspaces.com
320 KB
2 rise-ai.com
str.rise-ai.com — Cisco Umbrella Rank: 24285
strn.rise-ai.com — Cisco Umbrella Rank: 24623
83 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9204
127 B
2 bixgrow.com
api.bixgrow.com — Cisco Umbrella Rank: 540416
372 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 887
script.hotjar.com — Cisco Umbrella Rank: 1282
59 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2141
alb.reddit.com — Cisco Umbrella Rank: 1407
761 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1228
13 KB
2 shop.app
shop.app — Cisco Umbrella Rank: 3238
3 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1007
23 KB
1 roeye.com
lantern.roeye.com — Cisco Umbrella Rank: 9978
154 B
1 roeyecdn.com
lantern.roeyecdn.com — Cisco Umbrella Rank: 10003
2 KB
1 sweettooth.io
api-uploads-cdn.sweettooth.io — Cisco Umbrella Rank: 82982
3 KB
1 getwoohoo.com
app.getwoohoo.com — Cisco Umbrella Rank: 327553
545 B
1 cloudflare.com
www.cloudflare.com — Cisco Umbrella Rank: 6417
430 B
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 5084
14 KB
1 gropulse.com
gtm.gropulse.com — Cisco Umbrella Rank: 375269
638 B
1 oxiapps.com
social-login.oxiapps.com — Cisco Umbrella Rank: 47146
1 KB
1 referralprogramapp.com
referralprogramapp.com — Cisco Umbrella Rank: 106180
1 KB
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 6878
4 KB
1 gstatic.com
fonts.gstatic.com
45 KB
1 tiktokw.us
analytics-ipv6.tiktokw.us — Cisco Umbrella Rank: 9872
747 B
1 merchant-center-analytics.goog
www.merchant-center-analytics.goog — Cisco Umbrella Rank: 5979
250 B
255 41
Domain Requested by
102 xbloom.com xbloom.com
15 cdn.shopify.com xbloom.com
13 static.klaviyo.com xbloom.com
static.klaviyo.com
8 static.zdassets.com xbloom.com
static.zdassets.com
6 sdks.automizely.com xbloom.com
sdks.automizely.com
5 api.route.com xbloom.com
5 analytics.tiktok.com xbloom.com
analytics.tiktok.com
5 www.googletagmanager.com xbloom.com
www.googletagmanager.com
4 a.klaviyo.com xbloom.com
4 bff-api.automizely.com xbloom.com
4 js.smile.io cdn.shopify.com
js.smile.io
4 www.facebook.com xbloom.com
4 fonts.googleapis.com client
xbloom.com
3 wobs.route.com xbloom.com
3 tbdxsupport.zendesk.com static.zdassets.com
3 stats.g.doubleclick.net www.googletagmanager.com
xbloom.com
3 analytics.google.com www.googletagmanager.com
3 www.google-analytics.com xbloom.com
2 api-stage.route.com xbloom.com
2 platform.smile.io xbloom.com
2 sfo2.digitaloceanspaces.com xbloom.com
2 use.typekit.net client
use.typekit.net
2 www.google.ca xbloom.com
2 googleads.g.doubleclick.net xbloom.com
www.googletagmanager.com
2 www.google.com 1 redirects xbloom.com
2 api.bixgrow.com xbloom.com
2 connect.facebook.net xbloom.com
connect.facebook.net
2 static-tracking.klaviyo.com static.klaviyo.com
2 www.redditstatic.com xbloom.com
2 shop.app xbloom.com
1 d3k81ch9hvuctc.cloudfront.net
1 d3od5si8vgcekb.cloudfront.net protection-widget.route.com
1 ddbmicszvqxcg.cloudfront.net xbloom.com
1 protect-quote-q.route.com xbloom.com
1 unpkg.com protection-widget.route.com
1 lantern.roeye.com
1 www.automizely-analytics.com sdks.automizely-analytics.com
1 lantern.roeyecdn.com www.dwin1.com
1 protection-widget.route.com shopify-widget.route.com
1 api-uploads-cdn.sweettooth.io srcdoc
1 app.getwoohoo.com xbloom.com
1 www.cloudflare.com xbloom.com
1 ajax.googleapis.com referralprogramapp.com
1 www.dwin1.com dr4qe3ddw9y32.cloudfront.net
1 shopify.route.com xbloom.com
1 sdks.automizely-analytics.com sdks.automizely.com
1 dr4qe3ddw9y32.cloudfront.net xbloom.com
1 shopify-widget.route.com xbloom.com
1 gtm.gropulse.com xbloom.com
1 strn.rise-ai.com xbloom.com
1 str.rise-ai.com xbloom.com
1 social-login.oxiapps.com xbloom.com
1 d1xlc0a8mald46.cloudfront.net
1 referralprogramapp.com 1 redirects
1 d38xvr37kwwhcm.cloudfront.net xbloom.com
1 chimpstatic.com xbloom.com
1 p.typekit.net use.typekit.net
1 fonts.gstatic.com fonts.googleapis.com
1 analytics-ipv6.tiktokw.us analytics.tiktok.com
1 script.hotjar.com static.hotjar.com
1 www.merchant-center-analytics.goog www.googletagmanager.com
1 ekr.zdassets.com xbloom.com
1 static-forms.klaviyo.com xbloom.com
1 fast.a.klaviyo.com xbloom.com
1 static.hotjar.com xbloom.com
1 alb.reddit.com xbloom.com
1 pixel-config.reddit.com xbloom.com
1 d3hw6dc1ow8pp2.cloudfront.net xbloom.com
255 68
Subject Issuer Validity Valid
xbloom.com
R3		 2024-04-26 -
2024-07-25		 3 months crt.sh
shop.app
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
static.klaviyo.com
R3		 2024-05-12 -
2024-08-10		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cdn.shopify.com
E1		 2024-05-03 -
2024-08-01		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
static-tracking.klaviyo.com
R3		 2024-05-20 -
2024-08-18		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-19 -
2024-06-17		 3 months crt.sh
zdassets.com
E1		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
bixgrow.com
GTS CA 1P5		 2024-04-26 -
2024-07-25		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
fast.a.klaviyo.com
R3		 2024-05-12 -
2024-08-10		 3 months crt.sh
static-forms.klaviyo.com
R3		 2024-04-20 -
2024-07-19		 3 months crt.sh
merchant-center-analytics.goog
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.tiktokw.us
RapidSSL TLS ECC CA G1		 2024-05-07 -
2025-06-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
tbdxsupport.zendesk.com
Cloudflare Inc ECC CA-3		 2024-01-20 -
2024-12-31		 a year crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
automizely.com
E1		 2024-05-23 -
2024-08-21		 3 months crt.sh
oxiapps.com
R3		 2024-05-15 -
2024-08-13		 3 months crt.sh
rise-ai.com
E1		 2024-05-06 -
2024-08-04		 3 months crt.sh
gropulse.com
Cloudflare Inc ECC CA-3		 2024-01-11 -
2024-12-31		 a year crt.sh
*.route.com
Amazon RSA 2048 M02		 2024-03-23 -
2025-04-21		 a year crt.sh
*.sfo2.digitaloceanspaces.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-13 -
2025-03-29		 a year crt.sh
*.smile.io
Amazon RSA 2048 M03		 2024-03-26 -
2025-04-24		 a year crt.sh
automizely-analytics.com
GTS CA 1P5		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.dwin1.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
www.cloudflare.com
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
getwoohoo.com
WE1		 2024-06-07 -
2024-09-05		 3 months crt.sh
*.sweettooth.io
Amazon RSA 2048 M02		 2023-07-23 -
2024-08-20		 a year crt.sh
*.roeyecdn.com
Amazon RSA 2048 M01		 2023-10-04 -
2024-10-30		 a year crt.sh
*.automizely-analytics.com
R3		 2024-05-28 -
2024-08-26		 3 months crt.sh
*.roeye.com
Amazon RSA 2048 M03		 2023-11-26 -
2024-12-24		 a year crt.sh
unpkg.com
GTS CA 1P5		 2024-05-30 -
2024-08-28		 3 months crt.sh
heimdall.rtops.xyz
Amazon RSA 2048 M02		 2024-04-22 -
2025-05-21		 a year crt.sh
a.klaviyo.com
E1		 2024-05-24 -
2024-08-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://xbloom.com/
Frame ID: 5922D4D218F6AB3F7F472CAE2EF4EB41
Requests: 234 HTTP requests in this frame

Frame: https://xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/custom/web-pixel-shopify-custom-pixel@090/sandbox/modern/
Frame ID: C59D061C98770871C19F87CEBE5997A1
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Frame ID: 002F1783805A7DFCEC1CD6142585700E
Requests: 9 HTTP requests in this frame

Frame: https://api-uploads-cdn.sweettooth.io/launcher/icon/processed/6ab1cc8141dfc891db8418df1765302e361bbfe01ab7bec0fcafe50c1aa6f3d8679cb3d38d49e92f.png?color=%23000000
Frame ID: BCE53872FD0A85D5C1F6CF80078EEFAC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

xBloom - Your Home Coffee, Professionally Made

Page URL History Show full URLs

  1. http://xbloom.com/ HTTP 307
    https://xbloom.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script id="apple-pay
Overall confidence: 100%
Detected patterns
  • dwin1\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • klaviyo\.com
Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

255
Requests

99 %
HTTPS

67 %
IPv6

41
Domains

68
Subdomains

64
IPs

4
Countries

4556 kB
Transfer

9270 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xbloom.com/ HTTP 307
    https://xbloom.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=585580954.1718015117&url=https%3A%2F%2Fxbloom.com%2F&dma=0&npa=0&gtm=45je4650v873467025z89186111886za200zb9186111886&auid=1517631280.1718015117&frm=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=585580954.1718015117&url=https%3A%2F%2Fxbloom.com%2F&dma=0&npa=0&gtm=45je4650v873467025z89186111886za200zb9186111886&auid=1517631280.1718015117&frm=0
Request Chain 165
  • https://referralprogramapp.com/js/shopify_referral_serve.js?shop=tbdxcoffee.myshopify.com HTTP 302
  • https://d1xlc0a8mald46.cloudfront.net/ad09820a-b62d-42d8-a9ac-cc20c9ed5e1f/js/shopify_referral_serve.js?shop=tbdxcoffee.myshopify.com&cnjrd=bYghTnTU29SiPYeftQqxn1nhNzMqWXTw0W4MoKTO

255 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xbloom.com/
Redirect Chain
  • http://xbloom.com/
  • https://xbloom.com/
399 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
4a30e2574a80f42dc38cc79ce24d0ef6f83f393e6d3d251368d224e6d0abe7d8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8918a805e88910bc-ORD
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 10:25:15 GMT
etag
"cacheable:fcbbee5c39e416841d37ab522f977f2f"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOpFUrdV3oh%2BzW%2F0vcXKbMXXcqgcL6D1MVIs10zMt6SOqOIfjkgZu2qPzLPATBjeOSa%2BQWed%2BECG57cwu%2Fo5kdsuZ%2BeTgjlHSU4TvRigNqt59bsOa4mhaxe9gag%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=429;desc="gc:72", db;dur=104, fetch;dur=74, render;dur=94, wasm, wasmDownload;dur=74, asn;desc="577", edge;desc="ORD", country;desc="CA", theme;desc="141773668576", pageType;desc="index", servedBy;desc="79lx", requestID;desc="ce555649-5752-434e-97c1-df87dc7e8199-1718015115" cfRequestDuration;dur=460.999966, earlyhints
strict-transport-security
max-age=7889238
vary
Accept
x-cache
miss
x-content-type-options
nosniff
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
ce555649-5752-434e-97c1-df87dc7e8199-1718015115
x-shardid
223
x-shopid
61157048544
x-shopify-privacy-api-migration-beta
1
x-sorting-hat-podid
223
x-sorting-hat-shopid
61157048544
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block

Redirect headers

Location
https://xbloom.com/
Non-Authoritative-Reason
HttpsUpgrades
Mobile-KV-Studio.jpg
xbloom.com/cdn/shop/files/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Mobile-KV-Studio.jpg?v=1715792249
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b185f58ad75e0c5a3c6061525d5e26a71cfa1212146ea78b82cd1318eead7a35
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
619717
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=498.736, imageryFetch;dur=84.977, imageryProcess;dur=412.538;desc="image", cfRequestDuration;dur=16.999722
source-length
620909
content-length
48680
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
bf58a071-5d37-40d0-9491-e701073c0481-1717395336
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Jun 2024 06:15:37 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=siRV2YCi0lSce5K4MmwjKvPeKw79m3XMTfqrU2KSmBQbIBSofKpiVQBcoR4LeYk57I2D5mXhhukzOlZeuAhppWNlatF998g5igcQeTYeS1SzHwWc6cGeVvzA8a4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a8096b0b10bc-ORD
x-sorting-hat-podid
223
constants.js
xbloom.com/cdn/shop/t/137/assets/ 		167 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/constants.js?v=165488195745554878101712832619
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
aedf341d94edcb05cc388b74e808e55e442aa1b417646204ccbab4f2bdfdf904
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2396378
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=74.961, imageryFetch;dur=50.831, cfRequestDuration;dur=17.999887
alt-svc
h3=":443"; ma=86400
content-length
129
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
7ec82af8-6183-4d70-890a-5b8228dd13ef-1715618737
last-modified
Mon, 13 May 2024 16:45:37 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fcfTTW6C%2BTmyLc90Nyy%2BpipBCIGDnuPkQoL70mDc%2FLPWSnPxH7ezVFinkV%2FDu8RJEAp1v8VsZdvr3Kh15RMhg1sar6SCxhZm34A9nVeeeSwYQXkJThwfflPJE30%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a8097b1e10bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/constants.js>; rel="canonical"
x-sorting-hat-podid
223
pubsub.js
xbloom.com/cdn/shop/t/137/assets/ 		476 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/pubsub.js?v=2921868252632587581712832645
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
f435d2d4ef9844bf215b1910333a5a4aa66f8be97a0f4444a5ad801550405a07
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2369898
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=147.357, imageryFetch;dur=116.328, cfRequestDuration;dur=14.000177
alt-svc
h3=":443"; ma=86400
content-length
203
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
eac05610-4cf6-4910-8e83-5c620b7c5d0c-1715645079
last-modified
Tue, 14 May 2024 00:04:40 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IiRjCfQ%2Fq5P6fvxTgNKk3XooJ22VoacVZNmUKFqSvXag5PA4%2BQ9i1nfC4uFHS%2BaRDmBLuRTy6EpTXUkrXueIrqOsf7j5%2Ful7Ndjyh2PfTfbFucUYwnFcD2r5FtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1dee6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/pubsub.js>; rel="canonical"
x-sorting-hat-podid
223
global.js
xbloom.com/cdn/shop/t/137/assets/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/global.js?v=57822642406468778621716965192
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
559fa0944758fccbeb357ed54c9e8ae244bae232259fe0b0d3e31f5e88c4aaeb
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
1048475
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=77.951, imageryFetch;dur=38.977, cfRequestDuration;dur=17.999887
alt-svc
h3=":443"; ma=86400
content-length
8971
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
ec883f99-8ada-4d7e-aa6d-3b5f1ffb38e6-1716965194
last-modified
Wed, 29 May 2024 06:46:34 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xi04Q2sGcxcRyErPiF%2FGxAeKeyXy4kDbhhU2SBrOCLWdf%2Brnleq%2B9i%2BAaOrYqdl3qNrwGL%2FJSU8uhHvgasz%2BKlBT0V9DmSr6xpKuSX6%2BOrfgMBxtZFz1n8Dkjho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1def6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/global.js>; rel="canonical"
x-sorting-hat-podid
223
preloads.js
xbloom.com/checkouts/internal/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
013e1d1047b0a9d4aa048bd0a2f9a1000329fb1688e6d59a2436c68066d25a55
Security Headers
Name Value
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
server-timing
cfRequestDuration;dur=24.999857
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=agrdo0inCzWMwQJqEB8L5hBZ4Ii69KvAkwriCHGSgGaWDx53V4qroJQ6Zf1anwu7ZERXJOn4GVi5gm4gJM9VlPoqsvKD5fMFRaUyrdl54Re3lmicmdl%2FAZiARuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; encoding=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
timing-allow-origin
*
cf-ray
8918a80b1df06378-ORD
preloads.js
shop.app/checkouts/internal/ 		0
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shop.app/checkouts/internal/preloads.js?locale=en-US&shop_id=61157048544
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eyy20yqlwn4NbV1bQigtBsW3ZvR81DdLo3Rnn1CwoA%2Fkr4iu31nm28sqVycw635I%2BaZH4KD%2Fy7b7AuwYYVMeQv588nag097%2FEb8QNQVd2urFVrqWN0zpyES%2FwooC4%2FhbyjBQLmzr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
server-timing
cfRequestDuration;dur=13.999939, ipv6
timing-allow-origin
*
cf-ray
8918a80d5e92ab6d-YYZ
content-length
0
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		195 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PKCLH7B
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac0a2ef9e987d83598c7d1852fd10f3219a7fa43a7e64159999c18767da39ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71173
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jun 2024 10:25:16 GMT
load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
xbloom.com/cdn/shopifycloud/shopify/assets/storefront/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2375364
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=255.264, imageryFetch;dur=20.179, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
3324
x-xss-protection
1; mode=block
x-request-id
5f502529-7880-418e-b1d6-b7289d750364-1715639751
last-modified
Fri, 03 May 2024 21:27:56 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2E6pvdphAhGvmvZyAKSzvfUk09Rl2UlfDHm%2BAMvG%2B5tnqbZrfo0BiPbBhdXWUiWdXgbiDJDtNykIIQ6AVY9yR4if2T95XkCccpl0mV53JMPMEpmo8iS21OjdJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
cf-ray
8918a80b1df16378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js>; rel="canonical"
x-sorting-hat-podid
-1
storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js
xbloom.com/cdn/shopifycloud/shopify/assets/shopify_pay/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js?v=20220906
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2396568
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=302.794, imageryFetch;dur=31.855, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
18677
x-xss-protection
1; mode=block
x-request-id
05b26f06-50f9-48aa-ac2f-04059415fb2a-1715618548
last-modified
Mon, 13 May 2024 16:42:28 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCbAOyVH7MpSkOXqY2LQVlBPbFKb3v0nNxMJatCJNdaS1ABMmFbY8JslYjW2gCRSTiQ1KWOWLhIjvh8fHj34tvdJGnmGcDQJ4vWGVZ%2F%2F1Hzt9J%2Ff5jt9GNAblxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
cf-ray
8918a80b1df26378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8.js>; rel="canonical"
x-sorting-hat-podid
-1
features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
xbloom.com/cdn/shopifycloud/shopify/assets/storefront/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2374305
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=266.652, imageryFetch;dur=25.049, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
12292
x-xss-protection
1; mode=block
x-request-id
20377e83-46fe-4b02-ba04-6c632a757b85-1715640810
last-modified
Mon, 13 May 2024 22:53:31 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBbodRRkIwNsaiPBljocl6VPJwyNnujXa9KBibVzK1jWtKjOoWHTzL0LrwkqtVYapXQa9%2FNS5%2FJ2N4CDNPYE2kLQBwDoMEZgFdMS35XfHz291pb7cpxT2cmKPxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
cf-ray
8918a80b1df36378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f.js>; rel="canonical"
x-sorting-hat-podid
-1
scripts.js
xbloom.com/cdn/shop/t/137/compiled_assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/compiled_assets/scripts.js?20532
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
09729230be40dea5fa4e66cba0f7922aae68aabeecee1be177bb4fff8a2533a0
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
844
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=100.943, imageryFetch;dur=86.502, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
content-length
1772
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
99036246-d032-435c-81d4-7ad38f2f5355-1718014098
last-modified
Mon, 10 Jun 2024 10:08:19 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0B4HvBIDowYotb%2B%2B4gca%2FKB25M%2FoZqEgxJJmOG8KU0WDvgpMXgtCfzwN0e519F7dcA%2FPJr4xZzsBUUCawXh7Mk2yTpU1Aj%2FGPg8%2BctBYrvW1Ba3LI0ZP2rbwgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1df46378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/compiled_assets/scripts.js>; rel="canonical"
x-sorting-hat-podid
223
base.css
xbloom.com/cdn/shop/t/137/assets/ 		54 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/base.css?v=90017933885995582281718011944
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
0df6fbf6a2b434bdcad0cbd112f2422118205f4f1f7090c7d4f925362394c1b6
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
3164
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=49.745, imageryFetch;dur=25.959, cfRequestDuration;dur=15.999794
alt-svc
h3=":443"; ma=86400
content-length
9108
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
0089f057-f905-43bd-846d-e74a85719eb7-1718011951
last-modified
Mon, 10 Jun 2024 09:32:31 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EvwzlcNI8QqOS4STlYGgQrVIPtpdBvoAnCVRwAosNZFaNP6MlAyL%2Fx2n0SIHGRu%2FKqrZnvROPVqMFv4Nw5ogotovK0ZARCTTuCaKm9fyeV55SD3CIexBVmLvc0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a8099b3910bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/base.css>; rel="canonical"
x-sorting-hat-podid
223
assistant_n4.bcd3d09dcb631dec5544b8fb7b154ff234a44630.woff2
xbloom.com/cdn/fonts/assistant/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/fonts/assistant/assistant_n4.bcd3d09dcb631dec5544b8fb7b154ff234a44630.woff2?h1=eGJsb29tLmNvbQ&h2=dGJkeGNvZmZlZS5hY2NvdW50Lm15c2hvcGlmeS5jb20&hmac=e3fb5d05230bb826743344f30d81b14745e72751bc0145913c406953c2b8efa3
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
d965e0b23881c7da8bd6fdce92c9956d0e3f78aadddb3672da59ded69d1c7ebb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1
age
2375582
server-timing
imagery;dur=33.638, imageryFetch;dur=33.342, cfRequestDuration;dur=9.000063, ipv6, cfRequestDuration;dur=35.000086
alt-svc
h3=":443"; ma=86400
content-length
17000
x-xss-protection
1; mode=block
x-request-id
02e0c2b8-05b0-48a9-930d-aa44d2121aff-1715639533
last-modified
Mon, 13 May 2024 22:32:13 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tRBirhWPSWn1ijLlwVrLYlkoBuHeqRhyYCsFTXCf9XoiLm2WICHfDzCUO0tEMIlpZ%2BY8cpu3HRMnZ7WdhNaUb7zmw40uQ86G6Rw1sJuHV7AMKelb9ljODoS4XWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
cf-ray
8918a8099b3b10bc-ORD
timing-allow-origin
*
bundle-xbloom-entry.css
xbloom.com/cdn/shop/t/137/assets/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
57582f4ee33339e7c0154b05710c95f96444b5f5a09d72b4eeed4d51524b4407
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2379549
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=108.909, imageryFetch;dur=74.067, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
content-length
7382
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
3b8c7313-ffe5-46b6-b3d1-9b59f8256fe9-1715635000
last-modified
Mon, 13 May 2024 21:16:40 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4VL2%2Bx4P4InXhuDzzNUUi4Ylg2e1MriFq7wC5GcZmTq42n%2BHr8wI85QXzkzLA87eqXw0H8c6GgX5fgzcEbuvon2zAUV5%2BDZ4s2xDwFs4ODA%2BKp7Vd4hZcp04ls%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a8099b3e10bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-xbloom-entry.css>; rel="canonical"
x-sorting-hat-podid
223
xbloom-react-vendors.js
xbloom.com/cdn/shop/t/137/assets/ 		143 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/xbloom-react-vendors.js?v=96437403066124902461712832665
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
d675645bbf244995f000af8fb7cdf710659e84239882043588b912ede8acf195
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2370622
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=188.925, imageryFetch;dur=102.390, cfRequestDuration;dur=15.000105
alt-svc
h3=":443"; ma=86400
content-length
42972
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
9f820e17-ce0c-4b41-bf3a-8cf39b536b7b-1715644289
last-modified
Mon, 13 May 2024 23:51:30 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uhb6Bv%2Bi%2BNR36mq6CS%2BpInPmpaVkHiqocKpJHVuoQ6wTPedFXCIc4sECQ6M6ixKeF3X771kYeEkST8aTgmsUtl4C9QVs%2FCOBcf%2Fstb%2B5nWjZTHlqcC%2F5SDdvdL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a8099b3f10bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/xbloom-react-vendors.js>; rel="canonical"
x-sorting-hat-podid
223
xbloom-alpine-vendor.js
xbloom.com/cdn/shop/t/137/assets/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/xbloom-alpine-vendor.js?v=151698458331994928331712832664
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
28eb68c5c6a198f7545d3506adbe63bcbc0019d0cd6fdb12c5691427038835d9
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2370622
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=101.489, imageryFetch;dur=61.827, cfRequestDuration;dur=17.000198
alt-svc
h3=":443"; ma=86400
content-length
14520
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
2c84465f-6141-44ed-bdbb-a7baa725e0d6-1715644065
last-modified
Mon, 13 May 2024 23:47:45 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2w0b2%2Fxr35duVt53gOVdPhEPAvuBwR0KGEXREGkG1RE0VF%2Bz9ZTpEaiZVVCo0rfESxdNPBcHxl7mqc1bpO5ACj7VmSWDAK7PtktdkDRi9drfdVGi9UJqqkSAqiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a8099b4010bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/xbloom-alpine-vendor.js>; rel="canonical"
x-sorting-hat-podid
223
bundle-xbloom-entry.js
xbloom.com/cdn/shop/t/137/assets/ 		154 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.js?v=27552859569376867021712832595
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
6061136d38fccabdb728cf0fea3f9cba79bd0b24951c37e32c681355bf841d4e
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2391572
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=484.395, imageryFetch;dur=127.257, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
content-length
41709
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
aadb6331-a56a-4560-989a-eeb49083288c-1715623542
last-modified
Mon, 13 May 2024 18:05:43 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zdu1yhVOj7PpqeLHy1hgqtIlOf0sypNtpLlBxNfm8FOjRON9zEHTzhnXOelvvrmFlmdWZkvapVhKOoS9XT7nrOwAC6xG046tN0fKQGKgt7571klnMaCITj%2BNf7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a8099b4110bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-xbloom-entry.js>; rel="canonical"
x-sorting-hat-podid
223
klaviyo.js
static.klaviyo.com/onsite/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ea7a74fea578ebd2500d7aaa9974f563aac61f98bda6bb777aa2fa78e2f8176
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
age
215093
x-cache
HIT, HIT
content-length
1050
x-served-by
cache-lga21933-LGA, cache-yyz4548-YYZ
server
nginx
x-timer
S1718015116.373289,VS0,VE0
etag
"56109bbe321618b82ab72fbf7fce3937"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
content-type
application/javascript
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
3, 3
okendo-reviews.js
d3hw6dc1ow8pp2.cloudfront.net/reviews-widget-plus/js/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3hw6dc1ow8pp2.cloudfront.net/reviews-widget-plus/js/okendo-reviews.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:600:2:9231:580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffc373859cf3c136f5f73ca20d332c1385baa951804f7ce753ae9187ebaf2d39

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:24:27 GMT
content-encoding
gzip
via
1.1 030b88b6d8d9c6faf056723bb5f16078.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jun 2024 07:54:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
50
x-amz-server-side-encryption
AES256
etag
W/"32e3811b525b440d0ddce339ae4bdd68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
bQz-QxnCRqcjTm7on1eU5ylb6QMSh-9LW7m-YWlme920xW0ebgvbnw==
smile-loader.js
cdn.shopify.com/extensions/6d4b85b4-49ad-41dd-9edf-210b845311a8/smile-io-78/assets/ 		599 B
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/6d4b85b4-49ad-41dd-9edf-210b845311a8/smile-io-78/assets/smile-loader.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd00d5ead0a82675fcd311195ff5013ff1a1220640224df570d7b6f22bea7071
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
235154
server-timing
imagery;dur=47.124, imageryFetch;dur=38.029, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
content-length
265
x-xss-protection
1; mode=block
x-request-id
bee23501-7989-43e2-8019-a0d7a30a9a81-1717779950
last-modified
Fri, 07 Jun 2024 17:05:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQsjuEr%2BBG25S9Szu6MXz4XMnC1DFqtErBPIBgSRPpXRi2Wk7A27sT0Wm9%2BD6SM%2BLrP4ON46oKaGDnb6dWvaRAIFTP33nPAS3rTyT5rl%2FrBfX0gT8JqmiAySl1Dzp1nXKApNYojuFKPq298XNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/6d4b85b4-49ad-41dd-9edf-210b845311a8/smile-io-78/assets/smile-loader.js>; rel="canonical"
cf-ray
8918a80b0ad8aac5-YYZ
bixgrow_affiliate_toolbar.js
cdn.shopify.com/extensions/7a4d4d54-a983-4845-89b6-6cf7d46d6d61/bixgrow-affiliate-marketing-23/assets/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/7a4d4d54-a983-4845-89b6-6cf7d46d6d61/bixgrow-affiliate-marketing-23/assets/bixgrow_affiliate_toolbar.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b013a09925e76faa79a0b7e9bd9dce571433b917f0ecf860a22dfcc849e5ea04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
190507
server-timing
imagery;dur=251.335, imageryFetch;dur=77.965, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
content-length
2259
x-xss-protection
1; mode=block
x-request-id
2714d726-fafb-4eea-95f6-ed4620a89488-1717824603
last-modified
Sat, 08 Jun 2024 05:30:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FfcmgIRj8s8Edi97c9LJH4rCByS84QyjPjzgW5I9mrcVjSvMxATgcLQVd6am8%2BSI3dlHq0qC5yFkrJdDbpiSbNSvU%2Byxqzl0kaFK1qj90alXOgmQoniuKB1tJpS2IdwnsS09JsLG6kqhUuaBRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/7a4d4d54-a983-4845-89b6-6cf7d46d6d61/bixgrow-affiliate-marketing-23/assets/bixgrow_affiliate_toolbar.js>; rel="canonical"
cf-ray
8918a80b0adaaac5-YYZ
image-gallery.css
cdn.shopify.com/extensions/7a4d4d54-a983-4845-89b6-6cf7d46d6d61/bixgrow-affiliate-marketing-23/assets/ 		0
0
bixgrow_referral_widget.js
cdn.shopify.com/extensions/7a4d4d54-a983-4845-89b6-6cf7d46d6d61/bixgrow-affiliate-marketing-23/assets/ 		76 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/7a4d4d54-a983-4845-89b6-6cf7d46d6d61/bixgrow-affiliate-marketing-23/assets/bixgrow_referral_widget.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f09e1512884b9b727b7e7201cfc8a281c10a6eb519626569185ef51b4325e963
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
190508
server-timing
imagery;dur=228.421, imageryFetch;dur=101.348, cfRequestDuration;dur=16.000032, ipv6
alt-svc
h3=":443"; ma=86400
content-length
13738
x-xss-protection
1; mode=block
x-request-id
b41e4850-c77a-4217-8ac4-116b49b7cadd-1717824603
last-modified
Sat, 08 Jun 2024 05:30:04 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwJDQIOz2I5qWjPABf%2BKD7LFDRWFcvVrtG3nPjZ%2FW4rEF6dM5fGAqks7oz46bpfpOu1apiNOvrgh1UTTKfInARv9kM03ouETy4V8ksaxZmyDl0hf3ZZV5oT7Y6%2FoyZ8S2%2Fv6pPriTaNC8gOD5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/7a4d4d54-a983-4845-89b6-6cf7d46d6d61/bixgrow-affiliate-marketing-23/assets/bixgrow_referral_widget.js>; rel="canonical"
cf-ray
8918a80b0adcaac5-YYZ
cart.js
xbloom.com/cdn/shop/t/137/assets/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/cart.js?v=47516388636123683641715317821
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
83ebfd44d34d78d38bb8cb97a583b987b1fa0459205e3eb97faf6a4b846f61e1
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2372178
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=56.601, imageryFetch;dur=23.887, cfRequestDuration;dur=15.000105
alt-svc
h3=":443"; ma=86400
content-length
2553
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
2c2119f2-9191-48da-a715-1a4e73e08107-1715642507
last-modified
Mon, 13 May 2024 23:21:47 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rgEmGz7%2FCE%2FOHohkzGpCQ9HH6qdIlSJSwvEeAMRnUk49Z9%2BptiisRGNTqozyY5vfbfljzP4gdW2%2B8XDBA%2FEWN8MKb4fVtBFzx%2FTMLPwVdC00Fjpn3Xw1WANgnPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1df56378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/cart.js>; rel="canonical"
x-sorting-hat-podid
223
component-slider.css
xbloom.com/cdn/shop/t/137/assets/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-slider.css?v=88231237567511556071713245056
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
82f558471f3b224f78ed5a6a5fc98e127353cf3629df93f6c86c49193cb378f0
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
2380808
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=72.023, imageryFetch;dur=23.901, cfRequestDuration;dur=21.999836
alt-svc
h3=":443"; ma=86400
content-length
1410
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
9c6595a0-5042-4b3d-8f19-fd0fb82028d1-1715634307
last-modified
Mon, 13 May 2024 21:05:07 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydDyIQnF%2BTgoV6iomhJTzaSLcWhtMih0RVSeOezkP0BvHtPWPMHMyh4mzb4Vcpf3Y6ndY5ZU3GnVtCYL1LkVLvEOi71nG%2BHrEaguLWAbUWLiue7q5tEqnou9kR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb5b10bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-slider.css>; rel="canonical"
x-sorting-hat-podid
223
countdown.css
xbloom.com/cdn/shop/t/137/assets/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/countdown.css?v=74979553442763158361716898802
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
5540f3cde66a3a8ae1d5c26599e0c8a5bd94af3ff08477bab5cc0fc56621faf7
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
1116277
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=100.545, imageryFetch;dur=89.772, cfRequestDuration;dur=16.999960
alt-svc
h3=":443"; ma=86400
content-length
830
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
88de3280-97ce-4399-a91b-d85da79b8d85-1716898809
last-modified
Tue, 28 May 2024 12:20:09 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWY44FlwJ7x4jdsoOitX6qX8lz%2FG%2BnWpONyFunEZuG32KmaD2a10k0HnVmhCsNlLZYgDP6pVgkAW8QZ3gzldj%2B4Njm%2BOhU52bNAeYr7xxLPpvWPEc83FRN8L0nI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb5c10bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/countdown.css>; rel="canonical"
x-sorting-hat-podid
223
countdown.js
xbloom.com/cdn/shop/t/137/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/countdown.js?v=48149939145241716141712832621
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
50f8a16caaf4da74ce98dcd88c39bcce6bdd1b8dbb191c702609f7e08c0dc85c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2373476
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=92.195, imageryFetch;dur=77.850, cfRequestDuration;dur=16.999960
alt-svc
h3=":443"; ma=86400
content-length
913
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
69e6e8bc-573b-410c-a05a-067f8789f414-1715641640
last-modified
Mon, 13 May 2024 23:07:20 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oYv8wK8%2B5Q75zyq%2FNg3KAGTybHlcLBKhHuAv8GVAoD%2BZ%2Bhl%2FgW0zH6ulMUSGsccJO%2F6m1g4ikHHsy3aqq8SQjs6jdZh1q3VDyBh0xTVWEWegxm%2BAK0T208WVzlU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1df66378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/countdown.js>; rel="canonical"
x-sorting-hat-podid
223
component-cart-drawer.css
xbloom.com/cdn/shop/t/137/assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-cart-drawer.css?v=106105773333167681441712832602
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
9cc67ad3fcd70f89e1b07f03a696239095df927ec26dc09fc90de777733130ac
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2372177
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=122.995, imageryFetch;dur=85.945, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
content-length
1557
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
60cf7e4f-d895-4534-a22d-3885117790ca-1715642596
last-modified
Mon, 13 May 2024 23:23:16 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qapv1lYCMSwj0%2FyI4KhKBl8EgJczTpF0Ve%2FZZqQwRIoQ8i7gx%2F6eFEiI4bIW2vuRzpL5RN%2FUHSdCCf9RB%2FzC6qSOjn6t0BdTDao0kbNah9tZ8pUNdRrcemVUI%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb5e10bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-cart-drawer.css>; rel="canonical"
x-sorting-hat-podid
223
component-cart.css
xbloom.com/cdn/shop/t/137/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-cart.css?v=57808830461068430951712832603
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
431129fbea1c10b9064a49ece94801051fcad27f555a6a4d77a403a44af2d3b1
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
2380629
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=202.586, imageryFetch;dur=177.851, cfRequestDuration;dur=16.000271
alt-svc
h3=":443"; ma=86400
content-length
799
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
9d779b2a-5c6b-4cdb-b274-d0cb87cf6449-1715634486
last-modified
Mon, 13 May 2024 21:08:06 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjdy1FtEiXvQmzPlbrElBHvmHu0sIN8dp9niH5LSyllxT30UYLT5Dxkc7Rawu%2Bh%2F%2F5Ovj8QZjpxIES0LGNrN8LYJvf710TXC3kO9qK5WpwtZ7PheAHwhWcnOka4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb5f10bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-cart.css>; rel="canonical"
x-sorting-hat-podid
223
component-totals.css
xbloom.com/cdn/shop/t/137/assets/ 		320 B
831 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-totals.css?v=39462180231894241831712832619
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
dcc1704f62309c9b57998d95eb6f333e1133f4f2e08420b9dd5bbbc17ff57fa7
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2375079
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=87.217, imageryFetch;dur=59.128, cfRequestDuration;dur=18.000126
alt-svc
h3=":443"; ma=86400
content-length
195
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
9b16452a-f043-424c-b444-977d0afb5c32-1715640036
last-modified
Mon, 13 May 2024 22:40:36 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfIM4Nnlm6zdo4NUTh%2FR7jNVdBYRrktavhLl3UPC83dD0tW1NwuM29H6IhqZez35xQRtFVeq%2BVy8QpihkEKzwyhe%2BuVrnt8pFrpCSoa2MAs0gU3cUcewC5GjoXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb6010bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-totals.css>; rel="canonical"
x-sorting-hat-podid
223
component-price.css
xbloom.com/cdn/shop/t/137/assets/ 		2 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-price.css?v=65402837579211014041712832613
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a251b2ab03e3706a686adbb9d3d722ecb0203cb6731a73fbbe70f908f9222ee8
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2369046
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=104.302, imageryFetch;dur=83.456, cfRequestDuration;dur=18.000126
alt-svc
h3=":443"; ma=86400
content-length
497
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
da295fa2-8381-48a5-bcba-a4d461d2beef-1715645972
last-modified
Tue, 14 May 2024 00:19:32 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Af8cwr7GMeq3%2BsainmxhHfUNDw2cK0SoO3%2FCWIKsj86Pdeqhew8oOJM8mp1hjAXD1Pn%2BMKTGOvgsKsv%2FEhNsaQXHwXnoMRHEp1ppLjSGNq06w9%2B8OY1bBoCrCug%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb6210bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-price.css>; rel="canonical"
x-sorting-hat-podid
223
component-discounts.css
xbloom.com/cdn/shop/t/137/assets/ 		562 B
863 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-discounts.css?v=152760482443307489271712832605
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
0d54fab6fa16827ce3aaebaef3f6862550eefd8f8452eecc53c43596ce6323bd
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2385040
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=133.654, imageryFetch;dur=109.997, cfRequestDuration;dur=19.999981
alt-svc
h3=":443"; ma=86400
content-length
217
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
054bfd00-4afd-45b3-8458-70cb735dfd3a-1715629435
last-modified
Mon, 13 May 2024 19:43:55 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkT6eIIdbGMgA3MU9P%2FwuNZLbceVDe3OSmdFemZKkX4nYbFMuHGT8JS%2B1gOaxsqLbcYegRoFkp1mTC1sT8GWzjZUOn1u7P2DrPjd%2FPKrYwF%2BtxNQNYijHuH60XY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb6310bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-discounts.css>; rel="canonical"
x-sorting-hat-podid
223
component-loading-overlay.css
xbloom.com/cdn/shop/t/137/assets/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-loading-overlay.css?v=167310470843593579841712832609
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
2e30ac1a65427ced53cfdc5e9143b9f7a946693819d1cc5640470447236a4523
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2394285
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=196.632, imageryFetch;dur=83.338, cfRequestDuration;dur=19.999743
alt-svc
h3=":443"; ma=86400
content-length
458
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
d80ceb55-d0ab-4c85-be12-6ef1d018dd53-1715620474
last-modified
Mon, 13 May 2024 17:14:34 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VE6ZTVfhYLnP0xhi5fHh7Ka04qk8phqNnTMo49qG5Iuxioa0twnvNiDWTWDpLDIieAX7o4Sf8FYx%2FqAL3xl0fMtqZ3xpsC%2BeeX1bn7HCHd7uhoKCKHGE99UJo8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb6410bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-loading-overlay.css>; rel="canonical"
x-sorting-hat-podid
223
component-list-menu.css
xbloom.com/cdn/shop/t/137/assets/ 		516 B
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-list-menu.css?v=151968516119678728991712832607
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
7e5d9009e86a53f67e2eb846cc835fcea43bcef8afd1db9d65bd3053239d703c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2373824
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=68.625, imageryFetch;dur=60.040, cfRequestDuration;dur=20.999908
alt-svc
h3=":443"; ma=86400
content-length
216
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
5a265150-e213-4d35-a07d-cb42ad628594-1715641200
last-modified
Mon, 13 May 2024 23:00:00 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NtRjL%2BkTTPd0bDLIANVwrzhKCHWZOArjWK09GkPDA%2BZoRN0yrw2Us6nAE6tikxcJZQGV9vQwQQbDGVXC9GMU%2Fj5LVb0CX5C7OagVr842pYIvmIFGqksioHlwv7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb6510bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-list-menu.css>; rel="canonical"
x-sorting-hat-podid
223
details-disclosure.js
xbloom.com/cdn/shop/t/137/assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/details-disclosure.js?v=153497636716254413831712832623
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
0d43a07a690646ca8fbb83b7c72d91cc83a4d65d6336809547ce1c788f65a9fe
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2388119
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=55.083, imageryFetch;dur=36.443, cfRequestDuration;dur=16.999960
alt-svc
h3=":443"; ma=86400
content-length
508
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
c0046d56-c810-4a43-9b95-417d9f165508-1715626997
last-modified
Mon, 13 May 2024 19:03:17 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFcwuXeraqXawwX81psjjXvYasL3j12TXNnsLtPzy0EJ1keIYId2g3SM60ESH4DMGnZC4pAZOEqy%2FfDGRVATJ2rahf4KPsxmlDi55970CvszsrZ%2B7pYn4rXVFyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1df76378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/details-disclosure.js>; rel="canonical"
x-sorting-hat-podid
223
details-modal.js
xbloom.com/cdn/shop/t/137/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/details-modal.js?v=4511761896672669691712832623
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
9853cac3e2ffd5f3f2fea511e2af7131b3d670d2cb30fe16a63b57dc0162df0c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2378301
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=83.021, imageryFetch;dur=73.908, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
520
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
6ea18419-b484-47f5-b4e1-f64ae3f70a1b-1715636814
last-modified
Mon, 13 May 2024 21:46:55 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3dYLEiHkrbKwhVLBp89f9gTMANJ0gli%2FGHJT17XzS37D9ni5EH9PjAynG53GPsgdAnNt5YYGN77UoZu4MTaOVSswPDg14rPu8913pSIps6PrIYcqNo3T2p1ZeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1df86378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/details-modal.js>; rel="canonical"
x-sorting-hat-podid
223
cart-notification.js
xbloom.com/cdn/shop/t/137/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/cart-notification.js?v=160453272920806432391712832597
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
25ebd82b9a06e27163a4b596bdff19a5b21fca293d567eb630ee21420ddad7e7
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
2394482
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=124.434, imageryFetch;dur=99.501, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
679
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
0986d437-d509-441d-b628-a55e7f98dcfc-1715620634
last-modified
Mon, 13 May 2024 17:17:14 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u2QprbXeD2h9yfTXVVdm6RKoysjKYVQrB%2B7auy%2BJoAjUJVS4SPkWlQfTTAgCqzJiWaQyRcytrudaVxvFnmLanjfo44WHmx1zljymBXBL0SlPgPNIe5aesbtIboo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1df96378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/cart-notification.js>; rel="canonical"
x-sorting-hat-podid
223
search-form.js
xbloom.com/cdn/shop/t/137/assets/ 		996 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/search-form.js?v=113639710312857635801712832647
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
48487719589a826a90903bb45a2e48f0abc2a7f16e9d29171b04770de02f392d
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2367758
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=171.312, imageryFetch;dur=54.624, cfRequestDuration;dur=15.999794
alt-svc
h3=":443"; ma=86400
content-length
399
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
af73bcea-9ab8-46c2-9b66-691d82ae668d-1715647358
last-modified
Tue, 14 May 2024 00:42:38 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYupokQ%2FVQvukKN8UV%2BCuT7nAr7XnSOBKrAYyRqpO3VSu2QVVHzH5phFG4fXEMS57kfpt0mAV6yD4ZG3SDlz18T4bPVnSeJpH%2FLCLY81PoSdMfIMeV5badq5R%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1dfa6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/search-form.js>; rel="canonical"
x-sorting-hat-podid
223
cart-drawer.js
xbloom.com/cdn/shop/t/137/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/cart-drawer.js?v=44260131999403604181712832597
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
85519a6184da9703d5fcc338e94d7364a45f859c469eb5139584d312ed9a13d9
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2375679
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=110.489, imageryFetch;dur=82.305, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
979
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
89a23f7b-c36c-42f8-b9e5-4923181a5cb8-1715639436
last-modified
Mon, 13 May 2024 22:30:37 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UC3k0saz1ppKpgPc1eD9kvoADIWJoEvFtkkXQdX2QO3qtzrQqXmoQhU12NFvBZG7%2FiSj52KAZ6mqrTg109tnoKCNRC9DtYl9pXrH229GTPYHgS%2Fwk8zleoTBL4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1dfb6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/cart-drawer.js>; rel="canonical"
x-sorting-hat-podid
223
xbloom_logo_2988e005-3aa0-4291-9b12-7b1d23307bbe.png
xbloom.com/cdn/shop/files/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/xbloom_logo_2988e005-3aa0-4291-9b12-7b1d23307bbe.png?v=1684639959&width=500
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
5cbd64ee0f51b90524d4596555ed220802ebfcfac28db92b7ef3f056e0e09dc2
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2389248
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=269.402, imageryFetch;dur=22.482, imageryProcess;dur=246.135;desc="image", cfRequestDuration;dur=16.999960
source-length
22008
content-length
5557
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
6c327e8e-569b-4af9-aa27-995fbe63a32b-1715624753
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 18:25:54 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5z2dFNhYBdExzJuhZ3GXMpGgTl2Fe20hOvXCfxH22sNwoNEEZftMABXtmIbto50qprSWyOcpMUy7kRoams9y4VePRk%2B4ppEOGKd26g5vogdJwPhSxR4ax1wd6No%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80abc2510bc-ORD
x-sorting-hat-podid
223
section-image-banner.css
xbloom.com/cdn/shop/t/137/assets/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/section-image-banner.css?v=32702859429004948151712832652
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
ec8308209e4d7e94930cfa78e349fef5234da812af3ff3d6a58786a9a87cf512
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
2373065
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=81.761, imageryFetch;dur=54.470, cfRequestDuration;dur=19.999981
alt-svc
h3=":443"; ma=86400
content-length
1361
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
da0a5ffd-533c-421c-aacc-e7fae86f1d3d-1715642050
last-modified
Mon, 13 May 2024 23:14:10 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibd2MsGSSmOX6XvLZREhDInd6dV9cNKIyf9bFKgmfumwgBWFn%2BPxO3oCXj4l5J6ctsXYCNufPRvG356cf%2FWdHIyWsyQYd2ksghtPTt3FMUhudJeyDBQQwAMVDLc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb6610bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/section-image-banner.css>; rel="canonical"
x-sorting-hat-podid
223
component-slideshow.css
xbloom.com/cdn/shop/t/137/assets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-slideshow.css?v=26413300329827635831712832618
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
0f5c7e8e7939e4ddd88e5dcd5760663861aebae231b105734b775236a1dc0ad9
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2388077
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=97.672, imageryFetch;dur=64.462, cfRequestDuration;dur=19.999981
alt-svc
h3=":443"; ma=86400
content-length
899
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
e82fbf9a-a39b-4a49-976f-be1c854563ae-1715626555
last-modified
Mon, 13 May 2024 18:55:55 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=geZtog%2FSCNiitZxnjE4nyPHLDGcekpTjMhx0fjNzGlJ6%2FAMDM%2FseEItGOlshcjgC9EADGgd7LX1H2pGcsUmn4NtoquUh9WVlP1DLxBh1J%2Bnji98mlbGXXIl%2BkDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a809bb6810bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-slideshow.css>; rel="canonical"
x-sorting-hat-podid
223
bundle-slide-show-section.css
xbloom.com/cdn/shop/t/137/assets/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-slide-show-section.css?v=144714303424875448281712832589
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
f44fbefe0d08f83961ab49d30be070ec4c1dcdbb25c95720b9b1397e23263eec
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2373825
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=104.586, imageryFetch;dur=72.214, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
content-length
366
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
e5925503-96ed-4687-bae0-a7b621cc56b2-1715639525
last-modified
Mon, 13 May 2024 22:32:05 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xaDR4ZTMPXsvgh6zDOmGp2xwmJrz%2FOHj9baYaNCKpPpmIIxkFsSHCOqTK7rWGVCXr0AjCRq5debWNU5tiqfIEiv55lpGyLtb2A6VpagX6XbnXT2lBHSUVGE1324%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80abc2610bc-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-slide-show-section.css>; rel="canonical"
x-sorting-hat-podid
223
Father_s_Day-_J15.jpg
xbloom.com/cdn/shop/files/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Father_s_Day-_J15.jpg?v=1717558969&width=1780
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
2bf8d774edf8f3d54b268bf587951e8a70be95ad90807ad4b4d7d55dd2b77194
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
10581
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=429.007, imageryFetch;dur=78.701, imageryProcess;dur=347.590;desc="image", cfRequestDuration;dur=15.000105
source-length
77458
content-length
40748
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
42e4e22b-66b2-4e59-8262-14a586286bb1-1718004534
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jun 2024 07:28:55 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liQcBI05dIFE5fcuqUeWbehzaEgfsrBbKYVJ3RAw8O4%2F5ZDleLBNOgOYI5D5iXoWcS%2BOntRU2cItMYm5sttDQovKnySPrZGytcOnRuKGuHhJq2Ie3G2hPdvknpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b0ddf6378-ORD
x-sorting-hat-podid
223
Father_s_Day-J15-wap.jpg
xbloom.com/cdn/shop/files/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Father_s_Day-J15-wap.jpg?v=1717558969&width=750
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b860e6f918fe6da358e0859961ed57ddf78b09341ac204fb9f77df8b332de9bc
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=196.983, imageryFetch;dur=70.498, imageryProcess;dur=125.562;desc="image", cfRequestDuration;dur=53.999901
source-length
42338
content-length
24308
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
cec6d991-92a5-497a-9bb5-4f2187e1af02-1718003209
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jun 2024 07:06:49 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WjZ1ZpVGwe7gnQ8r806eE9qjMYRpuwLtV1efUcK0dZdp2mBbuHBF%2BXNCo8XA%2BIunvo8PzjZYuPGLqWLleKi6vIUSuaalYEnEb5CbWKri0KSxemsY2wMSkJ5y1pU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b0de06378-ORD
x-sorting-hat-podid
223
Father_s_Day-J20.jpg
xbloom.com/cdn/shop/files/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Father_s_Day-J20.jpg?v=1717558969&width=1780
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
cbd127b528ffd3bcc578eb05182004e394549470a7884b698ea043ca839107f5
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=939.143, imageryFetch;dur=92.572, imageryProcess;dur=845.778;desc="image", cfRequestDuration;dur=98.999977
source-length
282783
content-length
124250
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
e437fcbd-4c50-4723-b895-b0593d75aafb-1718004534
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jun 2024 07:28:55 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDncX4XuDD78mDZe5PO3HAkumPDg2d4lNJhyiRvJ1lBZyJMJ6Vr7GBk3HAu6b75jSIr%2BjHcpTe%2FGDY61kzjvPmFy1RwCsoBaj%2BqxaKQDFqhitoA1a5pEeaFx7LM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b0de36378-ORD
x-sorting-hat-podid
223
Father_s_Day-J20-wap.jpg
xbloom.com/cdn/shop/files/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Father_s_Day-J20-wap.jpg?v=1717558969&width=750
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
55ad580db72478453e3179ccab7ea9766c7705dc5a444f19e9ebbb98af1d1e9b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
x-permitted-cross-domain-policies
none
source-type
image/jpeg
server-timing
imagery;dur=222.919, imageryFetch;dur=59.745, imageryProcess;dur=160.584;desc="image", cfRequestDuration;dur=55.000067
source-length
154086
content-length
62156
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
eec9346b-b48e-44cc-9aab-3c4f63f5cbb1-1718003209
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jun 2024 07:06:49 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFrvMU3cpzA2nT%2BvsvRWU5%2BWmhNH6L9jYRAvll2iA1r60i%2BRaMQdJEIlxqG8hP89I3V9GNjVL%2FBzTD9Cx7OJkei%2Bip0DAA4U%2BPnCjwSmPuDJdReCD35tu59GPn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b0de66378-ORD
x-sorting-hat-podid
223
section-multicolumn.css
xbloom.com/cdn/shop/t/137/assets/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/section-multicolumn.css?v=35239121824907832691712832654
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
dc7ae5b0f4e7ae5604bb2a6df5c70405386cb35d69317bcbaa1385ff33158a61
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2383660
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=224.171, imageryFetch;dur=59.943, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
content-length
1134
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
0eb2613f-9579-481f-a8fe-c7e0f33ed6e7-1715631456
last-modified
Mon, 13 May 2024 20:17:36 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJHFaVfE1gwrc%2BiQYkgyx6Ufic%2Fsu4U2pIvyaHuFyDx6%2BvBRcx0haM62BEZKAvJZe8H0iXHXX5wBJpQt1jNPByRpX1V7clma%2BV1WloN3J1g9bw7dNNP%2FYGkh09o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b0de96378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/section-multicolumn.css>; rel="canonical"
x-sorting-hat-podid
223
component-rte.css
xbloom.com/cdn/shop/t/137/assets/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-rte.css?v=174470524262191921101712832615
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
ff207c4e85adfe8a1820a63aca88aede1f23b4681ef557cb9b51845d1583687e
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2388940
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=103.819, imageryFetch;dur=93.183, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
568
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
a46321ee-de3e-48d1-beca-8e40953564fc-1715625875
last-modified
Mon, 13 May 2024 18:44:36 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGoe4xSmdyQYaMOIwO%2BtQ05MYZL3VLlKc8ntGOtmHp07IaIMxzRDAdBsXiJfSopRqccS8fMQ%2BsJcxzgie5%2BTqN6TrncEKvo8yCewHHKgIt40pKV9U6ETphLKJXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1dea6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-rte.css>; rel="canonical"
x-sorting-hat-podid
223
image-sticky.css
xbloom.com/cdn/shop/t/137/assets/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/image-sticky.css?v=64067681804350090761712832632
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b66ad8b16ee36a2089dbb06cc6a810be5a49cd1cc0c9844a233092e06d94429a
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
2383311
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=115.186, imageryFetch;dur=83.510, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
content-length
423
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
3317370a-32d5-4b46-a010-9e844d0ad846-1715631804
last-modified
Mon, 13 May 2024 20:23:25 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5qbnwMIKeT6HHgNMHLFU%2B%2FHet70viNDqa%2BqfzE7VCTZqdyazxt4m9wy%2FK77lojmrLusrKO%2FEZnUxGLYXVjQvVK207XKx1Bi1PHYEDr%2B1c1Wu7Nr5OKwyMF%2Ff7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1deb6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/image-sticky.css>; rel="canonical"
x-sorting-hat-podid
223
section-footer.css
xbloom.com/cdn/shop/t/137/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/section-footer.css?v=114370375225759478741712832651
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
696c79e4516c963c6b72f1d71f0d79c45bcfd302a1c6eab304cb77e70ffbfc9e
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
2392538
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=114.490, imageryFetch;dur=63.174, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
content-length
583
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
1b93db44-d045-4374-bcc5-25386745c446-1715622578
last-modified
Mon, 13 May 2024 17:49:38 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoSm8cfKMx2Z7SkFpYS%2FXYLRbEFngNQUDiIMRVI%2Bn%2BHwTtx2Qqzj00EQz9GWPu%2FNmcByNO0CGebeiBgCujIarbbGST%2BdUgi6dWlaSaa10HC3apEvSjU4oOM3ef4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1dec6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/section-footer.css>; rel="canonical"
x-sorting-hat-podid
223
js
www.googletagmanager.com/gtag/ 		371 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TC0C5S6R68
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
164eeaadc8344225ed01bf20d7e6e15df859182ca8392cb9cd778158737f1413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
123116
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jun 2024 10:25:16 GMT
product-form.js
xbloom.com/cdn/shop/t/137/assets/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/product-form.js?v=16937654922426177151716289507
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
c9f0e296d507392834eb3abb1080684e5350c4b4533eceef95498bc7d678c233
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
1724718
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=141.039, imageryFetch;dur=124.755, cfRequestDuration;dur=21.000147
alt-svc
h3=":443"; ma=86400
content-length
2488
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
805898dd-a291-4cd6-ac2f-4dc6d51cc946-1716289530
last-modified
Tue, 21 May 2024 11:05:31 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Qv4eo9Ge4JZl1%2FUhn%2BzhmMDfyetsc9giwye%2BGvcOk7t3x%2F24RKEgsPgMW4fUQoc8j7fmhiuv0AYYJm8bu%2F2tmHIW6q2evDKic1SYpJ43lRBmuvocVzgPdN8kiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1ded6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/product-form.js>; rel="canonical"
x-sorting-hat-podid
223
xbloom3-track.js
xbloom.com/cdn/shop/t/137/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/xbloom3-track.js?v=83898537793519432441712832665
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
7d74a152667436bc5f066fd26976e34ded30d73b68170696650244e70d042b56
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-central1
age
2383349
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=112.275, imageryFetch;dur=83.508, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
733
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
5f57208b-7be9-4b7a-8bc2-e1f585e40ce2-1715631767
last-modified
Mon, 13 May 2024 20:22:47 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGWqyEtPO1TrsOm8ddlcHtizmZ7a4%2F78ySfVDZkTuxGoIXphqaIOIXvwooqkG539MhDSqRaRrUeuueIEzEOhPYiURLp6jiD4RBYbTM4IcnjUtuduWx0kP325IVo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b1dfd6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/xbloom3-track.js>; rel="canonical"
x-sorting-hat-podid
223
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 22 May 2024 17:01:28 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12104
b07126ca1w84bbcbafp74979a33mc3de2333m.js
xbloom.com/cdn/wpm/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/wpm/b07126ca1w84bbcbafp74979a33mc3de2333m.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
bd82b3dc2d9d363d8a67c3b7d8ceb2a1088e2eaba2ef5307c89fc66d39be27bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
239868
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=159.401, imageryFetch;dur=129.494, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
31296
x-xss-protection
1; mode=block
x-request-id
24f69802-de97-4474-b16d-e012da172c19-1717775248
last-modified
Fri, 07 Jun 2024 15:47:28 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NO6SWZq6CIyXTSKnT4Gmeay0LCvr1w%2F8n6vXUsw%2FfNJQPzc9dev3R2E58cQ04Vr5KpFg52D7RtUItALS3qhzJnp%2Bz9SPaU5Goj49hMZgZcNTSFHwlq20jsHs5S4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8918a80b1dfe6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/wpm/b07126ca1w84bbcbafp74979a33mc3de2333m.js>; rel="canonical"
x-sorting-hat-podid
-1
trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js
xbloom.com/cdn/s/ 		113 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/s/trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
ae3bf7e1679d80867eadb5f5f0489e1fa92bd0fc8dbd24be4a8493230a18fb20
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
293565
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=151.013, imageryFetch;dur=28.552, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
24134
x-xss-protection
1; mode=block
x-request-id
c74b4467-b2d7-4473-aa99-1e8258418249-1717721551
last-modified
Fri, 07 Jun 2024 00:52:31 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gY%2BuPvOCp5i%2BBph0uejdrnKzrDuhXNPaAhpY20msfhqCt9nQ3tn8UoTmPlbEfKjvbahrViG9X7wDmXuW4Sn1W8HUMKW%2BrHoLsBWihKxSBZd%2FjPccGV9wsbRmfII%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8918a80b1dff6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js>; rel="canonical"
x-sorting-hat-podid
-1
shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
xbloom.com/cdn/shopifycloud/shopify/assets/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2369534
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=212.549, imageryFetch;dur=37.576, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
content-length
2640
x-xss-protection
1; mode=block
x-request-id
24e17d90-b47f-4cec-9563-d2fa2052be16-1715645582
last-modified
Tue, 14 May 2024 00:13:02 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eKJVrRagH79fT7FTiQff8iAH86SHvzhvN%2Bk%2FSdxMfnYYt6xVxCGIPeZwnaFSqRpiH5zF20WYDWKHaWJXhlekbDb%2BZspW8o4zSVt91Oy8dlHih25Zx9Or0Tu2AqI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
cf-ray
8918a80b1e006378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js>; rel="canonical"
x-sorting-hat-podid
-1
shopify-boomerang-1.0.0.min.js
xbloom.com/cdn/shopifycloud/boomerang/ 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
468e777478117be830b202b97cdf0304bee6f3d9fd4cb1ce70650ed93b7fa4a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
302703
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=153.947, imageryFetch;dur=24.444, cfRequestDuration;dur=15.000105
alt-svc
h3=":443"; ma=86400
content-length
18578
x-xss-protection
1; mode=block
x-request-id
911944ed-896b-451e-9fdb-d2f1e6052199-1715631936
last-modified
Mon, 13 May 2024 20:25:36 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V64HRED5OcaBW97IrLriIEdq435YSVWPO8aWCRFGJbKGSNaF%2BGQI0SXtKLt9rU49o8eq8fliuCedLVuuTToZi3EkTuAzc3J39oq%2Bh8NML6PWKrG%2Byrkw0QP9sFw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges
bytes
cf-ray
8918a80afdde6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-sorting-hat-podid
-1
bundle-InterTight-Regular.ttf
xbloom.com/cdn/shop/t/137/assets/ 		102 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-InterTight-Regular.ttf
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
6b8503dbbf03f82fc125d897793b6548c42d04e86e1d821485e10e94c1153655
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2378537
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=1138.130, imageryFetch;dur=109.495, imageryProcess;dur=1028.352;desc="font", cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
104744
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
3a44c4b6-07d7-48f8-a1cc-4dd62ea254ae-1715636549
last-modified
Mon, 13 May 2024 21:42:30 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LU464deLa5sxXbms8N8G0%2Fl73F7yLIYXTAiqhdfPyXLNs9eV49qamjMXtQ8MlLO2gYrS3t1C7d7Ccl0%2F6mUU14DWhBggXzSphuTa201HAq3qaCLWe3BJASuQSZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b7e436378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-InterTight-Regular.ttf>; rel="canonical"
x-sorting-hat-podid
223
bundle-QuincyCF-Light.otf
xbloom.com/cdn/shop/t/137/assets/ 		67 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-QuincyCF-Light.otf
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b143603097429a707416baa8fd4ef270bb3dcc58178033c28d80ec15b089e389
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2380699
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=66.790, imageryFetch;dur=38.545, cfRequestDuration;dur=14.000177
alt-svc
h3=":443"; ma=86400
content-length
41598
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
6d32a41d-a8d5-4c74-a549-382fe3284478-1715634183
last-modified
Mon, 13 May 2024 21:03:03 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CkDXB9Jg0INEBDyskKJFRR8lMw7ovvfuW0hD8wqinslTOthU%2Bx6ORxdO0FikiYTPEzvO2P6z%2BffFTTGz0Wr93Fq3nLP3gWGwMGqWuNSHcLt9IJyYsrwuCOXcvs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b7e446378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-QuincyCF-Light.otf>; rel="canonical"
x-sorting-hat-podid
223
bundle-InterTight-Medium.ttf
xbloom.com/cdn/shop/t/137/assets/ 		106 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-InterTight-Medium.ttf
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
af6752fd10e37902e640bee5e9e1eac16750cd3b31a7fff5cabf684695738465
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
2393706
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=1391.944, imageryFetch;dur=110.330, imageryProcess;dur=1281.011;desc="font", cfRequestDuration;dur=19.999981
alt-svc
h3=":443"; ma=86400
content-length
108608
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
934bf74f-810b-4941-be57-dcafe9ac269e-1715621409
last-modified
Mon, 13 May 2024 17:30:10 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55oyxfkBa6AFQGhWSWH93%2FNSmM%2BIlVFdG2jzmTbWMwL4x67bqo%2FgBq33hmqtR%2Fp%2FMoGAazDg0sbWeDBONmrDef6Gq%2BXoI2JDDc57u5h%2BFT9R%2FbfusiEkqIvnctA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80b7e466378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-InterTight-Medium.ttf>; rel="canonical"
x-sorting-hat-podid
223
Bom_Jardim.png
xbloom.com/cdn/shop/files/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Bom_Jardim.png?v=1717788319&width=300
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
7dc863a264a3ff4a5b37453fff98a7025eda7f24400151512ee56ac92a76810b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
222925
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=413.184, imageryFetch;dur=55.526, imageryProcess;dur=355.558;desc="image", cfRequestDuration;dur=14.999866
source-length
115251
content-length
3549
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
609054d2-b430-4658-9c27-cd51731a8284-1717788972
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 07 Jun 2024 19:36:13 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNi8HehcX2sEWkioR%2BfKqVm%2FhwhNbIWH%2BEZHY5x7%2FtRYdAfpJUKJHvQpd%2F4o%2Bx2JPi7WIoPlBf%2FNQwZGMhwi%2BcPUrYd8I%2BYnUOoCD%2FySkOaRo5wrojQPlVqTf6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b4e156378-ORD
x-sorting-hat-podid
223
Finca_Tamana.png
xbloom.com/cdn/shop/files/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Finca_Tamana.png?v=1717788320&width=300
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
01d3746facd772a66b89ce9a5a3204cb3f69d896b42f28f6e44dd402399cc283
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
222925
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=471.110, imageryFetch;dur=51.985, imageryProcess;dur=418.125;desc="image", cfRequestDuration;dur=16.000032
source-length
155268
content-length
3926
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
4c200014-3cc1-4a2c-973a-cd913563cef6-1717788973
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 07 Jun 2024 19:36:14 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IokwYXK1dShR19%2FxWYeLnXTrYIPOhTXlKdrJgxBJWp7CRlbk25PFu3Ie6qZeKlHsalbya%2Fdhx9IuD1ZfJYrVdX3xCxufCqS2%2BzOOLo%2BEB7HU6YQo%2BqkOA5dmDSI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b4e166378-ORD
x-sorting-hat-podid
223
El_Triangulo.png
xbloom.com/cdn/shop/files/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/El_Triangulo.png?v=1717788320&width=300
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
4434d3ccdc7ad62470facaadcb46dfc83591025453a257e72e1388ce8698ac25
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
226006
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=388.711, imageryFetch;dur=32.298, imageryProcess;dur=355.583;desc="image", cfRequestDuration;dur=15.000105
source-length
651609
content-length
9740
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
75107ee1-a6ed-47f1-9e7e-122997d0ecdb-1717788929
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 07 Jun 2024 19:35:30 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BhBg%2BKq%2FQKte2R95SwreZGLgv4BJRJTFZvgze2PaxYzswU2aA0%2FYsQGVzWlMFdhgv2C4uiyLQ5UzNYlAHlsddYNN9ao%2FqxZe%2BKhCGajPhRqWvWF%2FRiZB1S54RM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b4e186378-ORD
x-sorting-hat-podid
223
Group1130_cfebe14c-393b-43cd-82db-156a77c0ec16.png
xbloom.com/cdn/shop/files/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Group1130_cfebe14c-393b-43cd-82db-156a77c0ec16.png?v=1715724706&width=300
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e029c6f2ea0038833bbc597ea2bc0b8ec3ef481f400dd48cf0d35a1657d5b7e4
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
984022
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=706.669, imageryFetch;dur=68.321, imageryProcess;dur=637.376;desc="image", cfRequestDuration;dur=14.000177
source-length
519920
content-length
5452
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
13b8b451-3e9b-419c-ab06-9458e3cbfb60-1717030698
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 May 2024 00:58:19 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GmJ6J49S%2F8wSKXA2DtkiFeRCCfR5cxIH2d1L%2BKzHJzuEtzeuiSCrhRJ%2FxpcVJTodN81ICCmLRc5hTggEY8spB1KDdo825Oa9XUPAU3%2FtbzDhwz0edkws8FARDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b4e196378-ORD
x-sorting-hat-podid
223
Group1140.png
xbloom.com/cdn/shop/files/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Group1140.png?v=1690478103&width=300
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
f83de32a3933e3e5f164057cba065389856d91dfef9329eb568a47ccea26b5b7
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2372170
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=598.123, imageryFetch;dur=29.188, imageryProcess;dur=567.713;desc="image", cfRequestDuration;dur=15.000105
source-length
525163
content-length
5627
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
75c24c36-3a44-4f73-89f3-4afda59e79d7-1715642946
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 23:29:06 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0m6sioZr98ZsFCYnk69Q%2B7kBWQCzpDp11KBcNNjZ59y9BonIdFXujI7HpPoexqNil9qOy7N0xiTh%2BLlQlGsTSuouyl3%2BJ1aaLJDnfLpGD%2FRKnOo%2BEWUjBXpIw3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b4e1a6378-ORD
x-sorting-hat-podid
223
Group1128_89b941ad-bfc5-4b0a-817d-3f542adbb519.png
xbloom.com/cdn/shop/files/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Group1128_89b941ad-bfc5-4b0a-817d-3f542adbb519.png?v=1706516353&width=300
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
4a2add6131d6fd40371fb8f4f87fc2cabda977c4133f5f2330b53b8acb5456fb
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2372177
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=661.472, imageryFetch;dur=66.223, imageryProcess;dur=593.989;desc="image", cfRequestDuration;dur=13.000011
source-length
579255
content-length
5280
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
1eb788d0-71ac-49de-9ddd-06ad5994335a-1715642938
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 May 2024 22:19:45 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0g6JiMiajq9LVZyBnml8dKa4KpRgI6bVX%2BZpuyEyBMJGHA3LLBsjzqqrC7iprRv5hWPw5G47PMdEUdlrUWPWdPv7BfJoGgwkM%2B%2BhRZmk60jKGAQaLKHLDMkqoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b9e506378-ORD
x-sorting-hat-podid
223
Group2350_367008c9-25fc-402c-87be-db517d30e376.png
xbloom.com/cdn/shop/files/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Group2350_367008c9-25fc-402c-87be-db517d30e376.png?v=1706600818&width=300
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
b8c650d995f1ae3743ce9b34aeb5adf39bb41965170c89a99b20b8801450456f
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2375865
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=676.775, imageryFetch;dur=59.383, imageryProcess;dur=616.671;desc="image", cfRequestDuration;dur=11.999846
source-length
946521
content-length
5220
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
662f0b75-9944-46b8-aca7-c89dfc6e3b94-1715638279
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 22:11:20 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dzqaP03pgxVyIyZcsmYDrby1yNL3dO922EoGOxnhitDb%2FKZueX95bb3zGUKJIrUvslNMs%2F%2BQJwcEgF2ndI4i2jXQFbunX0vpyOEz87H0Gj7HM5VVr16sw77ullY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80b9e516378-ORD
x-sorting-hat-podid
223
component-search.css
xbloom.com/cdn/shop/t/137/assets/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-search.css?v=184225813856820874251712832616
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
4021e214b32f3d1367300c674717f2547b9b04df968877bf8a95c2547791ec7d
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2389479
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=76.815, imageryFetch;dur=55.489, cfRequestDuration;dur=14.000177
alt-svc
h3=":443"; ma=86400
content-length
402
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
856d7ec9-9837-4875-a40e-f238f2075324-1715625636
last-modified
Mon, 13 May 2024 18:40:37 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyqWfsp86qBfuv7bV7cK9qw6WcQLesWBCHMXvrhajpHOPEImXPytpjw5NpybO3kALiIldFgIL0RGvv%2BP5gEykgXzth7goMe5os%2F00gw42yvzkINODqVvE%2FrnaJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bae536378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-search.css>; rel="canonical"
x-sorting-hat-podid
223
component-menu-drawer.css
xbloom.com/cdn/shop/t/137/assets/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-menu-drawer.css?v=142279773006419972781712832610
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
c0de416f552af64fb1eee8f6efb8e744a55605addb1862a62e122c89c49b8638
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
308354
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=101.678, imageryFetch;dur=65.582, cfRequestDuration;dur=16.000032
alt-svc
h3=":443"; ma=86400
content-length
1114
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
6f033a16-f356-4dd8-90ae-f9bcbd00aa73-1716582469
last-modified
Fri, 24 May 2024 20:27:50 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rStsFHIMhDDkc1pNb8kWwrWcpvp3Uw4Lpugkwi9HHSvOt5zZhhjLhdFo0NeWvKI5ToBSVorIR%2BdYNOYCZNYwQUp0GGpipk1q8h%2Fy627ttCSto%2BHGQ6qojgCzJWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bae556378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-menu-drawer.css>; rel="canonical"
x-sorting-hat-podid
223
component-cart-notification.css
xbloom.com/cdn/shop/t/137/assets/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-cart-notification.css?v=137625604348931474661712832603
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
817dee4a2c10cbda4891696c79f42c771d231480cef7d0e9e3c2403226ce0798
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2395883
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=87.170, imageryFetch;dur=55.577, cfRequestDuration;dur=19.999981
alt-svc
h3=":443"; ma=86400
content-length
646
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
41698618-9f62-4381-b6d8-198cd81b9b8b-1715619078
last-modified
Mon, 13 May 2024 16:51:18 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lp3OBkyKkrFLx1hO%2FCnMcfm%2F30Z763vKem%2F0JGGYZV1uApgm5MC%2Fq2ve%2BG6FSAAls%2FuDhCHAWOpo7EZdpppxWNkexnbi%2FCbeSdnJMfuc9GQY8bhbAd5KKFKC934%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bae566378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-cart-notification.css>; rel="canonical"
x-sorting-hat-podid
223
component-cart-items.css
xbloom.com/cdn/shop/t/137/assets/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-cart-items.css?v=41795396322879479241712832602
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
06f5532ed7a6f3d37c0ff15c8b1bf3f96e6c7096efbe1ad5404ae7d38e2212e7
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2395590
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=76.099, imageryFetch;dur=50.137, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
content-length
1089
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
f44edc91-c33d-4fa7-94f4-e29abc15fde3-1715619526
last-modified
Mon, 13 May 2024 16:58:46 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=McEbPOmBWSN%2FwNct9tj3XxXSx%2FRq25FlkgqaY%2FpNiBwf6O7ITUhReXoskl1pi72CyaJ5%2F9P%2BFXxEu8jntvguk7dM%2FwFHpNHaoNoWRfICtPgKkeiifP4cfDwTtcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bae576378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-cart-items.css>; rel="canonical"
x-sorting-hat-podid
223
component-mega-menu.css
xbloom.com/cdn/shop/t/137/assets/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/component-mega-menu.css?v=136277208816120552201714380563
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e1fcc965ac290d6eef52131da43bf4912106cc6229645a7410d4a0b9afef8189
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-central1
age
2382969
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=108.395, imageryFetch;dur=83.247, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
856
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
6b41198c-044a-4200-b523-624e171fc5f3-1715631949
last-modified
Mon, 13 May 2024 20:25:50 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AyzlGIcz3sLCNIdrFZLGx28mrGp9JRLekhnZb2915sqCFwihj5WkoMdv7hlJG7UldM%2BdTOvhTy50CQS5XevuTcSlTE7jb2F%2BtTK0QJ2wxK8WMnwLC6roFzX%2Bmo4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bae586378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/component-mega-menu.css>; rel="canonical"
x-sorting-hat-podid
223
bundle-InterTight-Light.ttf
xbloom.com/cdn/shop/t/137/assets/ 		106 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-InterTight-Light.ttf
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
ebd2621fdfa31ded947c27d035aaf3de95c4ccc33d998827b85ba7bbc705068c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2389548
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=1283.951, imageryFetch;dur=70.704, imageryProcess;dur=1212.916;desc="font", cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
108176
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
02cb9392-c638-4111-893d-92b3aa02cd81-1715625496
last-modified
Mon, 13 May 2024 18:38:18 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUjIXK7pTZiSBPXtNHTasrx1PRWRqbrRyauNEnQDDM%2B3%2BTGfhZ2kK7N6Go%2FfI4rrt%2BA0YRqGf9YPTn%2BGQtsEt76tHjPFLB4p1AA6QmtuX%2BIp%2BzBnVx1xgqcmwQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bce7a6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-InterTight-Light.ttf>; rel="canonical"
x-sorting-hat-podid
223
bundle-QuincyCF-Regular.otf
xbloom.com/cdn/shop/t/137/assets/ 		67 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-QuincyCF-Regular.otf
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
04076634a045cfcdd37853823feb608eac6a47c84967228b07c9d104ff5dd722
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2382396
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=169.627, imageryFetch;dur=54.949, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
41861
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
abea9bd5-75d3-43af-8b6b-005b4eccc5f1-1715632517
last-modified
Mon, 13 May 2024 20:35:17 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GByWg7aMTnLeAFFlQjOeW7QK1He9VgQaVYvG39MlKN0LwuKJZvRBIc0dLu771rRcMTKLMdYd0rev2mJ3b2hfsbCtCtYEjxZ4Ds3lpLPDgnaP%2B3zetyJx6SBogNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bce7b6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-QuincyCF-Regular.otf>; rel="canonical"
x-sorting-hat-podid
223
bundle-QuincyCF-Thin.otf
xbloom.com/cdn/shop/t/137/assets/ 		67 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-QuincyCF-Thin.otf
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e12c953d211a24ebd41828880acc220c30b1a182c2ae5ad02d3773bdc8fc3cfe
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-central1,gcp-us-east1
age
2383816
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=90.974, imageryFetch;dur=57.455, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
41614
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
ff83c644-a441-462c-a70f-6270be12536e-1715631300
last-modified
Mon, 13 May 2024 20:15:00 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uAHHXGxPJGDVS3HMAH%2Bm%2BZxYjN3kZ2ZrMcdIQ5eKiMIrXIMrT%2FUlLvU3Jp%2BIbYgCWbLGqmdV88a7G9ksGpVquXYej27VBZiBNX5gDujtObGv0PfWKgobBisAe1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/otf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bce7d6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-QuincyCF-Thin.otf>; rel="canonical"
x-sorting-hat-podid
223
section-rich-text.css
xbloom.com/cdn/shop/t/137/assets/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/section-rich-text.css?v=164864577571144200981712832656
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
04743498d1608e78f4d2b21571b2df7c4dabd6b188cb69d807f06a2128d6e9c0
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
age
2396098
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=108.633, imageryFetch;dur=86.358, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
451
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
71fe5bbb-e55b-4447-8d69-bd7a75abbbb4-1715619018
last-modified
Fri, 03 May 2024 15:40:15 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPzXaDqOMljf3ZElzkjRdLLiQ3aSBV1pqppVQc84tUfJRnVeO5C2cZ5JOlqF7%2FMQZVDU7gvxs%2BMJ7b%2FoYd%2FChE9HLMjTFDeR4F0kwovsvm35gANeTyEIN%2FzacoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80bce746378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/section-rich-text.css>; rel="canonical"
x-sorting-hat-podid
223
fender_analytics.f692ee00c71150d7db91.js
static-tracking.klaviyo.com/onsite/js/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.f692ee00c71150d7db91.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5WJy..Lo4mK2jnII0rHa1l5haINArMgZ
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
x-amz-request-id
41Y2RTP149KA3F25
age
215126
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12748
x-amz-id-2
mKL1xWMRGO3xerTYlPL0yRvVbZ5DZgnzOEYw7UzT/IairFK8mTlaNUFMOeD5za6kjnB4D8Fzjtw=
x-served-by
cache-lga21947-LGA, cache-yyz4553-YYZ
last-modified
Thu, 11 Apr 2024 15:48:20 GMT
server
AmazonS3
etag
"cb6418619f08d5e582cf68f2d2432438"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f762585ddd3a013913c4e420e75aa2819d1084f2
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
28, 100673
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
pOOHfwEpxidpf1C5y5x2xTnzSKHLx9Qw
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
x-amz-request-id
ENY9D5YSSWTZMA0V
age
215126
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
1029
x-amz-id-2
7YTZXjqkIvOweXIi7oeSA0xceDuWnmsMjEiNKqUFwDsP8LixUujiplLZJYiO/I8qfIFeO9cu6W1SD2AsFigCFg==
x-served-by
cache-lga21976-LGA, cache-yyz4553-YYZ
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
26, 108099
runtime.df7cd64caef40ba309ae.js
static.klaviyo.com/onsite/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/runtime.df7cd64caef40ba309ae.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84e02f342e9f5d815afefe832efce3c12eea6f42813ae13eebbf86387e6c81c6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
c3wphVpt8hlQB2haHtwjdqqntUxqlHk.
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
x-amz-request-id
584CC9XM7NP4Q52R
age
215126
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8135
x-amz-id-2
IG43pnhY135WihZjqrRdsmPu2oHX89ekZx3gtx3K9ILzYKYlBgnPRO8044GXKMH+R7Z3DHJW8Yk=
x-served-by
cache-lga13621-LGA, cache-yyz4538-YYZ
last-modified
Fri, 07 Jun 2024 15:37:52 GMT
server
AmazonS3
etag
"289a85c9441c5d5ccc6439b3a7c471bc"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
38eb0d731a8f46438c90c8a370f0cc2b6182546a
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
83, 121250
sharedUtils.057cb0eb98650d30aff7.js
static.klaviyo.com/onsite/js/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.057cb0eb98650d30aff7.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d74c3eb614bc7b790b4be5e50fac445e093f5e10c21492655dedd1b833b0b101

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jBOYQgaMI7Ykn7MgQ8jt8Bs78o.EPb3o
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
x-amz-request-id
MA2YJM9QTA6M8XSX
age
215126
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
17896
x-amz-id-2
QarBHphAMMz5Xo137P8PftVOdOxCyJiT29Dk7aQopgbzlY9NOT7J/mXgDLPnWk+lxM1Wf593a0s=
x-served-by
cache-lga21958-LGA, cache-yyz4538-YYZ
last-modified
Tue, 28 May 2024 21:08:08 GMT
server
AmazonS3
etag
"5c02667ef6e620d01b7c666992e2a08f"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
872bf0cfc8d4e63dd08fdd588b4a360f20e26b84
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
152, 114250
vendors~signup_forms~onsite-triggering.f845316191668c116a7f.js
static.klaviyo.com/onsite/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~onsite-triggering.f845316191668c116a7f.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e75cd890292c90b5f1cefb77175bcc92f9ff6eb7e06ae25e958b3135262cf730

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
o3Y6ptXBY4GxmlvuEFQJL6klRORBIUHg
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
x-amz-request-id
J8BZRA7VKGYHHVMZ
age
215126
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
7132
x-amz-id-2
6oxjZtg9Yde+dYOOSWFnSNgEGbcksYV/Y+c32D2oHkNuzqDJZsHHojH20V0XPoGK11DBcnB0y5E=
x-served-by
cache-lga21949-LGA, cache-yyz4538-YYZ
last-modified
Fri, 17 May 2024 20:23:13 GMT
server
AmazonS3
etag
"136fec72f79bed06cde17e633770963f"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f3ccbad01c1d49720adeb3e45f3bf14ac81178df
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
6, 88070
vendors~signup_forms.8d18a176cd326e575af9.js
static.klaviyo.com/onsite/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.8d18a176cd326e575af9.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75e5306935fa9ed4526275cbc0f83dce2de87359db9761595b877aaa57c869f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Mhrm3sufsuACrwZt1Gb6K9T.UnEXZW36
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
x-amz-request-id
XJNNPXWAV7SEV7HG
age
215126
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4967
x-amz-id-2
lzCK33q6udB8b78X9zMxHFkfGc6qh/6G3gr5Y/IIDuhyq5A72Nj1r9kvlPxDmrLeM7t60sI31RAVMNAZek2hyQ==
x-served-by
cache-lga21974-LGA, cache-yyz4538-YYZ
last-modified
Tue, 23 Apr 2024 19:40:26 GMT
server
AmazonS3
etag
"d81ab2c96c9bb291ab7e198e7506ecf4"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
1bbe179216ad618d111d56518ca2453a2ec582e8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
4, 89575
default~signup_forms~onsite-triggering.cfe3998831b94919fcd8.js
static.klaviyo.com/onsite/js/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.cfe3998831b94919fcd8.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04eaf342c366606b19b6a2d681f5f21e53c9a2858185e267ef9d26bd4490d8ff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
LM0DNPT0qtPKCYeRJKsHpCC4QK5UPrbM
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
x-amz-request-id
HXN1PBKQCVXHEHQA
age
215126
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
9896
x-amz-id-2
ODicLiCipauMfBHE992fjnb58KpNn5fxGJDnOBoegekNGdWgydIZj1wFUpem7nAI0+6l/xH6qCw=
x-served-by
cache-lga21940-LGA, cache-yyz4538-YYZ
last-modified
Wed, 05 Jun 2024 19:18:21 GMT
server
AmazonS3
etag
"db7285838341ff5d932196dc894a976f"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
6d2c9609ade8bfe64e4360726c2e262343b69184
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
13, 91974
signup_forms.8626cad0ac6603def4c9.js
static.klaviyo.com/onsite/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.8626cad0ac6603def4c9.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YcBdjn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138f9194e9ec9c7b1f13866151454c0be3e5407474ab35870ddd8274d6125cb1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JRudfBMsIJHZk6cV7PMCfrSd1msMfBJw
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:16 GMT
x-amz-request-id
584FAR7SR9ZDN97M
age
215126
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
5122
x-amz-id-2
y2WzsWVKHTA1lPBB1Uj9/0YckoSy39IhCfD/fgYsu73bed+3o+kou3vPbwO4nlQ1lTCNYcyqK+4=
x-served-by
cache-lga21941-LGA, cache-yyz4538-YYZ
last-modified
Fri, 07 Jun 2024 15:37:52 GMT
server
AmazonS3
etag
"d7cc79aaa5354a650f057ef2a105b0fa"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
38eb0d731a8f46438c90c8a370f0cc2b6182546a
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
55, 112258
config
pixel-config.reddit.com/pixels/a2_emdeck1u5rbl/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/a2_emdeck1u5rbl/config
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
a2_emdeck1u5rbl_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_emdeck1u5rbl_telemetry
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1718015116503&id=a2_emdeck1u5rbl&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=f2845ef5-3c9d-41e6-968c-36c8e855bc8a&aaid=0000000000000000000000000000000000000000000000000000000000000001&em=0000000000000000000000000000000000000000000000000000000000000001&external_id=0000000000000000000000000000000000000000000000000000000000000001&idfa=0000000000000000000000000000000000000000000000000000000000000001&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
get-off-bg.png
xbloom.com/cdn/shop/t/137/assets/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/t/137/assets/get-off-bg.png?v=19521570830219885201712832627
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
d9087116ad3cbb3c89a8f0205d9a4bd3435c58d6ec75b4be00cef7ecd31ae3de
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2368511
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=357.422, imageryFetch;dur=90.379, imageryProcess;dur=266.162;desc="image", cfRequestDuration;dur=16.000032
source-length
88293
content-length
14104
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
7031e023-bf15-4b76-b0fb-8cbe9b82cb78-1715646604
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 May 2024 00:30:05 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jfmk79AuM8N9%2F8QNc96REnS019ezMrGwM0MtUaTkwpJj3cLGlAIWuIN1TWzAtRevRQwzUKwFzEngr5n40rw8%2BJEXzXnxInbUdkeVN9xASeB1FT1j%2BHL8U7aLlwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80f58406378-ORD
x-sorting-hat-podid
223
get-off-coffee.png
xbloom.com/cdn/shop/t/137/assets/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/t/137/assets/get-off-coffee.png?v=30384314717220334231712832627
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
0ffbca040684ec1fb16292ce87de2fb0a252dd2488d318c04973e9e0c5d48b39
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
2383367
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=172.261, imageryFetch;dur=59.924, imageryProcess;dur=111.517;desc="image", cfRequestDuration;dur=14.999866
source-length
210132
content-length
29790
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
3d536f2e-3337-4df7-8cd7-11386914d210-1715631749
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 20:22:29 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UhAE64DLPFMYOfT2uXHf41bjUOpzo8iC1a5t2zrGiVoSgCvwzxh%2FbJPzfIXEp5nzt0tLwShFFGhurYwBuMzh9apAQ5EtQ2fr6LBeX0JYy6xs7dMvv9KuuhiwExo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80f68416378-ORD
x-sorting-hat-podid
223
bundle-InterTight-Bold.ttf
xbloom.com/cdn/shop/t/137/assets/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-InterTight-Bold.ttf
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
1f86f2de9dc8de005e265a7c4078261c3b69352710365137b8e33046d11d352d
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
2378126
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=1120.066, imageryFetch;dur=77.188, imageryProcess;dur=1042.398;desc="font", cfRequestDuration;dur=17.999887
alt-svc
h3=":443"; ma=86400
content-length
109368
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
e107aa7f-a24f-44db-bdd6-ba8fa6943cc2-1715636989
last-modified
Mon, 13 May 2024 21:49:50 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUFBF99U7vxI6l32xxHVqGBbCLAfDOk9vKEVbx1ZWYRDyXxoKiQ9NQrHskH2y0Px2UCS7nfipmYuif42TAwlORZwu1c%2BsqH79plWIhfq%2BP%2F0ASgx8dqZxN7pIE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a80f78576378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-InterTight-Bold.ttf>; rel="canonical"
x-sorting-hat-podid
223
secire_stash.png
xbloom.com/cdn/shop/files/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/secire_stash.png?v=1714379131&width=550
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
24ff7faa3ed352d9d4301b20ecb2849d52a36460abffe94cfb4d0a9625fc695c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2395875
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=875.069, imageryFetch;dur=114.862, imageryProcess;dur=616.761;desc="image", cfRequestDuration;dur=14.999866
source-length
6392178
content-length
37710
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
65641d0a-7822-446f-9593-b4bbda238c45-1715619233
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 16:53:54 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhVBK4GN%2F2yvRGR0FqYThiNAo1D%2Fpy%2FJ%2BltpBB9F%2BgDNGB3xzKfmSTgpBsDpHWwyiwkIl2SzrAia%2F4emy71nRGMZK1G5pddxYjE3itOilzQCO175adO6iHNty4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80f68476378-ORD
x-sorting-hat-podid
223
Frame_2113.png
xbloom.com/cdn/shop/files/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Frame_2113.png?v=1711962729&width=550
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
cd114c8272b27e104e1ae5e91e31452803f46856c60195efcc0196936b9f2a37
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2369898
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=513.092, imageryFetch;dur=94.069, imageryProcess;dur=254.885;desc="image", cfRequestDuration;dur=13.999939
source-length
1091080
content-length
32788
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
b3a2323c-7ec6-44ee-842f-1882315e1cc2-1715627910
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 19:18:31 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSwNZQGqjWj0Si13GF8laWM4gFJLnDFcX5K0Iy6fPQkLMwzS1q%2BqXMp4WEBwtVAH%2F3jl%2FZ7HxTWFO2%2FhqW7N0Wn3lQlGuBFH7Yj5njggH%2BtSxF4T75ssXgLyom4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80f68496378-ORD
x-sorting-hat-podid
223
Frame_2111.png
xbloom.com/cdn/shop/files/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Frame_2111.png?v=1711962729&width=550
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
eb3a3e9613686873f76fc584776d25fffb7af5ccdd4fbc0b437085efb400bc00
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2369898
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=347.747, imageryFetch;dur=57.004, imageryProcess;dur=289.941;desc="image", cfRequestDuration;dur=19.000053
source-length
1010405
content-length
24630
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
8ff76ed3-cd84-488f-a632-781ea47b3e25-1715630132
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 19:55:33 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GTGfKS1%2F191wA0A6iG%2FBBvayGOH13Pa5Y6bJcZ%2BqXdCN3UEWOMcVhE%2Bixhivkx%2FpbpOE3c7TAYqJTQSXn6X%2BOlm%2Bh6L%2BWgPBudg418pKj7%2B%2FxEsOwDwCi07GA%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80f684d6378-ORD
x-sorting-hat-podid
223
Frame_2109.png
xbloom.com/cdn/shop/files/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Frame_2109.png?v=1711962730&width=550
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
32a4398305bcbd8d18a2b1f1d1ff09b66b175b7583bd1e86f9890070cfd6f81c
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2369898
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=345.431, imageryFetch;dur=164.342, imageryProcess;dur=180.329;desc="image", cfRequestDuration;dur=15.999794
source-length
1454346
content-length
40546
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
e4d1f956-7f5f-40f5-bcea-d7d9fbd990e1-1715640222
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 22:43:42 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4dsLUJ3LU3DBPLGHatb%2B820wNqUqzuEjyL%2F7VLHW0XcW%2BaRGvt%2Fohv4pg%2BAQJ8E4ezHxNxRSubCXNPXzfFxyD7vH4DI6Gl13Mumhggco%2F%2BCiTOfL2CRhFATSnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80f684e6378-ORD
x-sorting-hat-podid
223
Frame_34597173.png
xbloom.com/cdn/shop/files/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Frame_34597173.png?v=1714459136&width=710
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
4bc02a3cbcf5c15c6ead23f21697926f0e9da6b1f742530cdf56860fa65c9c97
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2375083
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=414.383, imageryFetch;dur=73.271, imageryProcess;dur=340.353;desc="image", cfRequestDuration;dur=13.999939
source-length
429885
content-length
10342
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
a5c63c22-bfe0-4b5c-9957-c7b32bda0a34-1715633964
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 20:59:24 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S3cltJUlQq6QcgwrcHN86GqActZIL%2BWxCc8ppzsYuEZHTgOaBhNrkKHQtqy2gaHSVH578meXRH6ADazKnNn6cc89U805oYwce15JG%2FK0U7NnRm9UpE6HTyb%2FFDI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80f684f6378-ORD
x-sorting-hat-podid
223
Frame_34597174.png
xbloom.com/cdn/shop/files/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xbloom.com/cdn/shop/files/Frame_34597174.png?v=1714459520&width=710
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
c63544d9fcf41f388f80453ce2b7439cd80c8c75c65f9b9f637a3217b19050d1
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
2375081
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=379.395, imageryFetch;dur=102.953, imageryProcess;dur=275.755;desc="image", cfRequestDuration;dur=17.999887
source-length
989315
content-length
12908
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
2a0062b0-3edb-406a-9d40-d3402591a733-1715632017
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 20:26:58 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4r62mkJGEGg%2BOsR%2Bw9fmHn78BafIq6c40dJns4b%2F959ZvjqIrr6RkvJsBPNsoQMUquHcXxRWOkxO3f0Hy1CI14BIuFobeDZ5C13a6%2BAcT0zOp6Gnjt8UMjq0zjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a80f68506378-ORD
x-sorting-hat-podid
223
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 10:25:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=15, mss=1392, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
thm0Ai6un8uLHhkRo+1A6Km37hKEzhgJeIlFNAQ3Hzdq7FNhbWVe1PcGCYh6/CYE3Vg2mkzb1tTxlLzVN0r6BA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=258c8a9a-914e-45e9-ab8b-43544cba4ffc
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1XEFSGR91PCDXE6F
age
26
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
OAeeKDeTQpE8kek846C2mhvc59K+Z8qN+9Jm6dRF1kaXHTO36LS+00rAD/gc+KXlg4dFiT2mbVo=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SmSCbBiOO65NN1gt1EL69gQf3TkIRpCcv6mY4vKtCdjJ3qCc0gxNxQ79Y1ZcinUoz8n7PDOfJ9h18vQGCrDf6SBX4jkcGI8r%2FiZU8wdKWVk7Yy4g%2FjbkaTkl1NUbtMLSNA6GR%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8918a8113ad0ab2e-YYZ
access-control-allow-headers
*
hotjar-4996469.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-4996469.js?sv=6
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-49.iad55.r.cloudfront.net
Software
/
Resource Hash
47887192d2645b9b0b614ec681b23cf629603f3be8d9b6c6c9dcc7cb84e6d478
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 10:25:17 GMT
via
1.1 5b2c25375d693d0fb882145cde66154e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
etag
W/f95f5c2ab462f2801ee28c3096270684
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
fsCaWVvBpZVlpWdYB5mKSsDjqur28HLy4nxG1EYHj6FtM7FlLyjz5g==
info
api.bixgrow.com/api/referral/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.bixgrow.com/api/referral/info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
60
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8918a8121c32ac82-YYZ
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 10:25:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jp8qfrDQbZsKKq3aBEpdHaXnQX%2BWNrMlk8XFs6U48QdesmjLVQokuBx%2F7hklNLZF7rGV1VVh7tFDXaR%2Brmd%2FrUv3hqHdAi8ORGZMontIzlKzsOgwoeEubZCcjxqHV2uhQe6k1wtS0MezP7hlTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Method, Access-Control-Request-Headers
session
shop.app/pay/ 		18 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shop.app/pay/session?v=1&token=3f62e1d4-8347-417f-9ace-178b2a6f735b&shop_id=61157048544
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff00:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=ShopServer&source%5Bcontroller%5D=pay%2Fusers%2Fsessions&source%5Buuid%5D=f89830cc-ea16-4212-b1e8-336d77b10d76-1718015117
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopServer&source%5Bcontroller%5D=pay%2Fusers%2Fsessions&source%5Buuid%5D=f89830cc-ea16-4212-b1e8-336d77b10d76-1718015117

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'none'; font-src 'self' https: data: https://cdn.shopify.com https://cdn.shopifycloud.com; child-src blob: merchant-feedback.shopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdnjs.cloudflare.com v.shopify.com https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com https://unpkg.com; style-src 'self' 'unsafe-inline' blob: cdn.shopify.com sdks.shopifycdn.com https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com https://*.googleapis.com; media-src 'self' blob: data: cdn.shopify.com; img-src 'self' data: blob: https: cdn.shopify.com proxy.shopifycdn.com sdks.shopifycdn.com shopify-arrive.s3.amazonaws.com storage.googleapis.com v.shopify.com; connect-src 'self' https: https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifysvc.com https://hcaptcha.com https://*.hcaptcha.com; object-src 'none'; upgrade-insecure-requests; frame-src 'self' https://app.mode.com https://www.youtube.com https://app.datadoghq.com https://*.shopifycs.com https://pay.shopify.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors admin.shopify.com https: *.myshopify.com admin.shopify.com; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=ShopServer&source%5Bcontroller%5D=pay%2Fusers%2Fsessions&source%5Buuid%5D=f89830cc-ea16-4212-b1e8-336d77b10d76-1718015117
x-permitted-cross-domain-policies
none
server-timing
cfRequestDuration;dur=98.000050, ipv6
etag
W/"9b5179ea2a77fe69b294fbd2ed504eac"
vary
Accept, Origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xbloom.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-frame-options
DENY
x-robots-tag
noindex
date
Mon, 10 Jun 2024 10:25:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
p3p
CP="Not used"
alt-svc
h3=":443"; ma=86400
content-length
18
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=ShopServer&source%5Bcontroller%5D=pay%2Fusers%2Fsessions&source%5Buuid%5D=f89830cc-ea16-4212-b1e8-336d77b10d76-1718015117
x-request-id
f89830cc-ea16-4212-b1e8-336d77b10d76-1718015117
x-runtime
0.003107
server
cloudflare
x-download-options
noopen
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KS6oT7gEvPYSX0WmJeBuBH2nZSG6Un%2BdnNnAIWjn5ZuDuMOp1bejO8AmGD2WmK2jORLZBnfWbbT6aj3r2hewLaND%2FF9K3dGhtVx2yx8gqQBAWthdf6I7k43%2F2xlniiWSXSJWqlg%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8918a811ac8d36ac-YYZ
x-sorting-hat-podid
-1
info
api.bixgrow.com/api/referral/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.bixgrow.com/api/referral/info
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-ratelimit-remaining
498
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7dafdsoVm5xaZJfXctfhx85Z1CWr%2FllzekZ2BRzUa8ECFHsjLfYxKeniHBbzFwRlVUFBxaytgdYh%2F4JL5Q25h6e1FzqT64KFX7BKN7Jv9ErtzS%2FCVBdc9rwMhUGE2nw9N6u%2FuxGFAB9DBwWFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
x-ratelimit-limit
500
cf-ray
8918a8133cd6ac82-YYZ
bundle-InterTight-Black.ttf
xbloom.com/cdn/shop/t/137/assets/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/t/137/assets/bundle-InterTight-Black.ttf
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
be980487b85ec608c6fdd4b31f2db4a2526ce8ae0cf27fc4bf3cf7f9df1d9775
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/cdn/shop/t/137/assets/bundle-xbloom-entry.css?v=42219434680974646591712832594
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
2383659
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=1100.924, imageryFetch;dur=65.957, imageryProcess;dur=1034.636;desc="font", cfRequestDuration;dur=14.000177
alt-svc
h3=":443"; ma=86400
content-length
106816
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
d481fc47-0dca-4356-8e22-fae3d8de3fd7-1715631277
last-modified
Mon, 13 May 2024 20:14:38 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmepDy6cjN2acV8TIR%2BqEaqbyzttu5nwM3xIK9wop7dRsOPq%2BgNacp9oFIFKTs5pkVRebblC%2FFG3AnsyN0SY%2FFifzFuerqY5OVRnIblljBZhVx4r%2FP9ma5nDEFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
cf-ray
8918a81018a26378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/t/137/assets/bundle-InterTight-Black.ttf>; rel="canonical"
x-sorting-hat-podid
223
js
www.googletagmanager.com/gtag/ 		368 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TC0C5S6R68&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PKCLH7B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
636d9ca93848cab49b92d0bc87073d8a93847c5e18730d5a9940496b177b4f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
122152
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jun 2024 10:25:16 GMT
produce_batch
xbloom.com/.well-known/shopify/monorail/unstable/ 		0
760 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/s/trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
server-timing
cfRequestDuration;dur=39.000034
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
x-request-id
6963ce05-f692-494a-842c-581e10b879c1
server
cloudflare
x-download-options
noopen
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUlEXMoGC5OFSlfvGhPNHWQ8kjWWis0E6afkjOKQkGKsAj4rEiHU%2FuYFPWwZxdOcOAIj6ajjwb0v8VUEjzL9AOSqiZGiH42Gd%2FgIVqU%2BylTOhQ4EaFT4CgEwuCk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://xbloom.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8918a81018a86378-ORD
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/s/trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 08:55:52 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5365
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 10 Jun 2024 10:55:52 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGPVD3RC77U2K12E26M0&lib=ttq
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/s/trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.18 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-251-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
079b302f4be861e3b35ba31f78d3a978bdffdadc11d8170bf07d924a32536106

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
1eea773
date
Mon, 10 Jun 2024 10:25:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240610102517B5F1306EA9712C560F56-5EEDC17BDF5C3C0B-00
x-cache
TCP_MISS from a23-220-107-18.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=7
content-length
2142
pragma
no-cache
server
nginx
x-tt-logid
20240610102517B5F1306EA9712C560F56
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.220.107.18
x-tt-trace-host
01a8cb4daaf08510a8944058f62c049faefe8542e9b6b298387964636c5d954aee2bacd94cde5cc12bd27786cc6fdbf323cfb2a72ae52af6ec53eb0fa26103a966a248b1922d427ba1342eee83b3cca089c57eeb32ac38f752ace3bc6588d59319
expires
Mon, 10 Jun 2024 10:25:17 GMT
/
xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/custom/web-pixel-shopify-custom-pixel@090/sandbox/modern/ Frame C59D 		42 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/custom/web-pixel-shopify-custom-pixel@090/sandbox/modern/
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/wpm/b07126ca1w84bbcbafp74979a33mc3de2333m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e27e115ca8d8e8ec223b65b473932ddd9782f51b2654946a5823701508308432
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://xbloom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
239734
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000, public
cf-cache-status
HIT
cf-ray
8918a81048ba6378-ORD
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 10:25:16 GMT
etag
"cacheable:03133b4c178f8325795c44ff11e9f684"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82tXbMZiNRU2dmaR7WumcV%2B7Lwfy0gQyyFopT4OK2LL3a%2BR7mNE%2BzG3Gxw8JQLvTi%2FjsmbO8Zyz8tJv4l0ajuZDBjF5Zueki5cphc56dLZxLENJNZYOxrvKx33s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=23;desc="gc:1", db;dur=4, asn;desc="40181", edge;desc="STL", country;desc="US", theme;desc="141773668576", servedBy;desc="bdv4", requestID;desc="e313fce3-11d0-4347-a447-5db4c7acfdfb-1717775382" cfRequestDuration;dur=15.000105, earlyhints
strict-transport-security
max-age=7889238
vary
Accept, Accept-Encoding
x-cache
miss
x-content-type-options
nosniff
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
e313fce3-11d0-4347-a447-5db4c7acfdfb-1717775382
x-robots-tag
noindex, nofollow
x-shardid
223
x-shopid
61157048544
x-shopify-privacy-api-migration-beta
1
x-sorting-hat-podid
223
x-sorting-hat-shopid
61157048544
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block
produce_batch
xbloom.com/.well-known/shopify/monorail/unstable/ 		0
754 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/s/trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
server-timing
cfRequestDuration;dur=46.999931
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
x-request-id
49283a95-0b00-4f2e-8127-bd5281d44191
server
cloudflare
x-download-options
noopen
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m2uNOTvRr8Aq0LM2qMiNGazVhAE8UYDl6KJmPgc0V1MItYuL0Lz6h87ghkiEmUjFG5vpAUiUQE8wS6vzlrOiRSndXUDcLp2jDs8n0QiozmqI1Q1WBXZLf5XksLY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://xbloom.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8918a811091f6378-ORD
destination
www.googletagmanager.com/gtag/ 		232 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=MC-9LV2MQ6D8W&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PKCLH7B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c078c647c692cb23341955fa5f6e2e2867be78f57e9d29e4b65bf004c68ac9d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85789
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jun 2024 10:25:16 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-226376740-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TC0C5S6R68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c97002b213b4c62fc5934747965d1045624e64e70aa2149380be66e812c4c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74883
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jun 2024 10:25:17 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=585580954.1718015117&url=https%3A%2F%2Fxbloom.com%2F&dma=0&npa=0&gtm=45je4650v873467025z89186111886za200zb9186111886&auid...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=585580954.1718015117&url=https%3A%2F%2Fxbloom.com%2F&dma=0&npa=0&gtm=45je4650v873467025z89186111886za200zb91...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=585580954.1718015117&url=https%3A%2F%2Fxbloom.com%2F&dma=0&npa=0&gtm=45je4650v873467025z89186111886za200zb9186111886&auid=1517631280.1718015117&frm=0
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://xbloom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=585580954.1718015117&url=https%3A%2F%2Fxbloom.com%2F&dma=0&npa=0&gtm=45je4650v873467025z89186111886za200zb9186111886&auid=1517631280.1718015117&frm=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10940060479/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10940060479/?random=1718015116966&cv=11&fst=1718015116966&bg=ffffff&guid=ON&async=1&gtm=45je4650v873467025z89186111886za200zb9186111886&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fxbloom.com%2F&hn=www.googleadservices.com&frm=0&tiba=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&npa=0&pscdl=noapi&auid=1517631280.1718015117&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TC0C5S6R68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f0eb6a081000f839bed50e38de0690a47121ad8904a24879e2a6fd0361acd02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1456
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
produce_batch
xbloom.com/.well-known/shopify/monorail/unstable/ 		0
757 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/s/trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
server-timing
cfRequestDuration;dur=39.000034
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
x-request-id
33749bb4-c0c8-4412-ac0d-7ea1e8768fc3
server
cloudflare
x-download-options
noopen
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6P3KtZHMxdy73J9hhoTkDo8XZcD4Sjxzx%2BYIqQd5m6AFj66s4KaTnD%2FUsdMhZW8eON6V4uOYNBbAdLk2BZkMErqaVAQ88OOZv15ODds14MU9acWg3X10E2iEaM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://xbloom.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8918a81159506378-ORD
produce_batch
xbloom.com/.well-known/shopify/monorail/unstable/ 		0
759 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/s/trekkie.storefront.99bdfbca815ea24ab1705979a783df6e7810b51d.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
server-timing
cfRequestDuration;dur=40.999889
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
x-request-id
5b45d080-fcca-4a0d-97f3-d633403443c0
server
cloudflare
x-download-options
noopen
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PS9FOkwiXzBU%2BQK3I%2BP5edhseN1WmzbrwHESVIGjbYrTK2NBV0L1MLf1FFVF767SvEdKLc8lUaSi8ODulYUYWnJg4Egm55YK7T%2BWgumZKF6eJDE8ZdZg8vigwFs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://xbloom.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8918a81159526378-ORD
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TC0C5S6R68&gtm=45je4650v873467025z89186111886za200zb9186111886&_p=1718015115726&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2005672921.1718015117&ecid=899068224&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1718015116&sct=1&seg=0&dl=https%3A%2F%2Fxbloom.com%2F&dt=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TC0C5S6R68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TC0C5S6R68&cid=2005672921.1718015117&gtm=45je4650v873467025z89186111886za200zb9186111886&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TC0C5S6R68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TC0C5S6R68&gtm=45je4650v873467025za200zb9186111886&_p=1718015115726&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2005672921.1718015117&ecid=899068224&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&dp=%2F&dt=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&dl=https%3A%2F%2Fxbloom.com%2F&sid=1718015116&sct=1&seg=1&en=page_view&_ee=1&_et=14&tfd=2178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TC0C5S6R68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TC0C5S6R68&cid=2005672921.1718015117&gtm=45je4650v873467025z89186111886za200zb9186111886&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0&z=799403182
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
worker.modern.js
xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/web-pixel-113967328@95b0fddb6823997d81820d590e0c7f47/sandbox/ 		41 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/web-pixel-113967328@95b0fddb6823997d81820d590e0c7f47/sandbox/worker.modern.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
c93878b91ced821261bcc78807eaf79f60b9031bc190c1b45966b801faa66b46
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding
br
x-permitted-cross-domain-policies
none
age
239730
server-timing
processing;dur=26;desc="gc:2", db;dur=5, edge_cart;dur=1.42;desc="trips=1", asn;desc="22502", edge;desc="ORD", country;desc="US", servedBy;desc="7nsg", requestID;desc="6c697c39-775b-40dc-9d65-826f9aa3808b-1717775387", cfRequestDuration;dur=14.000177
x-sorting-hat-shopid
61157048544
x-shardid
223
x-storefront-renderer-rendered
1
etag
"cacheable:3af43e083abf900fa85b42aba84b0a77"
x-shopid
61157048544
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
text/javascript; charset=utf-8
content-language
en-US
cache-control
max-age=31536000, public
x-robots-tag
noindex, nofollow
date
Mon, 10 Jun 2024 10:25:17 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1,gcp-us-east1
x-cache
miss
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6c697c39-775b-40dc-9d65-826f9aa3808b-1717775387
server
cloudflare
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4G%2Be%2FJH3k6irQY%2BDqVs3haOFruNez7o9OqzQgtrDTTi8S7XtB1gegJ%2FoMEY7ypS9ngxfcFFrfc0QYl7zAZ%2BNh%2B6ltHOg0xpbvGampvaY8wff85jX1fCo3x1IgFg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8918a811795b6378-ORD
x-sorting-hat-podid
223
worker.modern.js
xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/web-pixel-96305376@3b1e1efb9bfb36c88040156f7cc8ed3f/sandbox/ 		41 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/web-pixel-96305376@3b1e1efb9bfb36c88040156f7cc8ed3f/sandbox/worker.modern.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
44d0e3f9f6e2adf133f7aa380064866e62d348a6375080aed89b394b9d017820
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding
br
x-permitted-cross-domain-policies
none
age
239730
server-timing
processing;dur=27, db;dur=6, edge_cart;dur=1.43;desc="trips=1", asn;desc="22502", edge;desc="ORD", country;desc="US", servedBy;desc="6cjz", requestID;desc="9118ab2f-a273-48ca-a620-fb022b14aaf7-1717775387", cfRequestDuration;dur=13.999939
x-sorting-hat-shopid
61157048544
x-shardid
223
x-storefront-renderer-rendered
1
etag
"cacheable:7dd2f5390a7890156b6be746958c1b35"
x-shopid
61157048544
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
text/javascript; charset=utf-8
content-language
en-US
cache-control
max-age=31536000, public
x-robots-tag
noindex, nofollow
date
Mon, 10 Jun 2024 10:25:17 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1,gcp-us-east1
x-cache
miss
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9118ab2f-a273-48ca-a620-fb022b14aaf7-1717775387
server
cloudflare
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5AScraM8M%2BocukeWCqojdO02Js02N9aQN2hkpizmJ%2FLcyqgIoLpZgfn8FHzX4kjHqjDK6dLQaP5NJhc6s6JC5hYY0V06ERYzoOKtukUGYuo%2FrPglj%2Bnthdr9zfI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8918a811795c6378-ORD
x-sorting-hat-podid
223
worker.modern.js
xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/web-pixel-shopify-app-pixel@090/sandbox/ 		41 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/wpm@07126ca1w84bbcbafp74979a33mc3de2333/web-pixel-shopify-app-pixel@090/sandbox/worker.modern.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
d76a7edcc5722c4f7e9eff683e16eb6c401ab41c0b609fc453b4a41c5bfa8fea
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
block-all-mixed-content; frame-ancestors 'self'; upgrade-insecure-requests;
content-encoding
br
x-permitted-cross-domain-policies
none
age
239730
server-timing
processing;dur=29, db;dur=5, edge_cart;dur=1.49;desc="trips=1", asn;desc="22502", edge;desc="ORD", country;desc="US", servedBy;desc="6cjz", requestID;desc="a17d5935-60c6-43c2-a7fe-fc3235d0ce60-1717775387", cfRequestDuration;dur=13.000011
x-sorting-hat-shopid
61157048544
x-shardid
223
x-storefront-renderer-rendered
1
etag
"cacheable:e54762ed617dc66e906d549f215c775a"
x-shopid
61157048544
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
text/javascript; charset=utf-8
content-language
en-US
cache-control
max-age=31536000, public
x-robots-tag
noindex, nofollow
date
Mon, 10 Jun 2024 10:25:17 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1,gcp-us-east1
x-cache
miss
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a17d5935-60c6-43c2-a7fe-fc3235d0ce60-1717775387
server
cloudflare
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jGq%2BrpKllN8AfCt6fDFi4rGwPxocn4PDp6LUiB0Vo5H1tcDtE9YzQ3D8FzGXlK%2BBtK9hrOSLWPw4iZB4CBWskR9kEdv0JPxk%2B8dW%2B6GlfU1aNbkCIqo2vWQO9Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8918a811795d6378-ORD
x-sorting-hat-podid
223
consent-tracking-api.js
xbloom.com/cdn/shopifycloud/consent-tracking-api/v0.1/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/storefront/load_feature-9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
1035e9cc3cae8a8c0ecf11ab3bb7c3b9af4c1d27bf25fe66c9d257784dc7a725
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
297
x-permitted-cross-domain-policies
none
server-timing
imagery;dur=325.008, imageryFetch;dur=27.024, cfRequestDuration;dur=14.999866
alt-svc
h3=":443"; ma=86400
content-length
4692
x-xss-protection
1; mode=block
x-request-id
d2ebb296-894a-461b-86cb-cbeb75515f62-1718014820
last-modified
Mon, 10 Jun 2024 10:20:20 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1TAc67im%2FgQkOrbsIBMCS3MCt8c2PgzUAEIbkOzel%2FUIgoz69DhgX1NxI1HFvYDE50veNuuBNy0XI3E4pysst252e72Tzwq9ODtmg9JS6HCOmriqeK8Ylshsls%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
accept-ranges
bytes
cf-ray
8918a811c97c6378-ORD
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-sorting-hat-podid
-1
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=YcBdjn
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c83a814729c6f5c82b6336c787881313e70e1bfee11903b93431ca08174aa75
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=900

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:17 GMT
strict-transport-security
max-age=900
age
0
x-cache
MISS, MISS
content-length
736
x-served-by
cache-bos4652-BOS, cache-yyz4547-YYZ
server
nginx
allow
GET, HEAD, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=10
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Accept-Language, Cookie
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
0, 0
full-forms
static-forms.klaviyo.com/forms/api/v7/YcBdjn/ 		45 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static-forms.klaviyo.com/forms/api/v7/YcBdjn/full-forms
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d388f4371ff8b0c732d09cdbf186ba66c087c507faf9bc85c96b817742a1314e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
pUFtit5sxNFP3SQS7QsZHndCjfpk1ujv
content-encoding
gzip
via
1.1 varnish
date
Mon, 10 Jun 2024 10:25:17 GMT
x-amz-request-id
246M3X25AF1X0AM8
age
870837
x-amz-server-side-encryption
AES256
x-cache
HIT
client-geo-continent
NA
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/YcBdjn custom-fonts/YcBdjn
content-length
6373
x-amz-id-2
wJkGRzY0V4HoKppc/ROJjHgtkAa9MfK3miWDy7JN/ChkW/kvluhacS6gjAdFs/Pc60D+Q9Trr8U=
x-served-by
cache-yyz4539-YYZ
client-geo-country
CA
last-modified
Mon, 20 May 2024 02:14:56 GMT
server
AmazonS3
x-timer
S1718015117.350589,VS0,VE1
etag
"68d0a87eb392906e05815f72b758190a"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
x-cache-hits
0
258c8a9a-914e-45e9-ab8b-43544cba4ffc
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/258c8a9a-914e-45e9-ab8b-43544cba4ffc
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1a0df700b4ecb7dafc107c659ba028b9f69cfb82ee41a7dbecdcba217c5c8f6
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8900b9bed95b6797-SEA, 8900b9bed95b6797-SEA
x-runtime
0.017450
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f1a0df700b4ecb7dafc107c659ba028b"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kVcaRlUYL%2Ba1tRFt7GrE2C3AlIwShVuU4iyDsST71KPmhli%2B7P9BPfJ71oI510V6dNAA%2BUVrtUfU2fa6IF%2BEFF3IwXapFmB6SePq86bk4r%2FVBznhRDRu%2BrZuMYX%2FDXeomQQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8918a81389aa5479-YYZ
collect
www.merchant-center-analytics.goog/mc/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.merchant-center-analytics.goog/mc/collect?v=2&tid=MC-9LV2MQ6D8W&gtm=45ve4650v9174265079za200zb9186111886&_p=1718015115726&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2005672921.1718015117&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2F&dt=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&dl=https%3A%2F%2Fxbloom.com%2F&sid=1718015117&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2309
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=MC-9LV2MQ6D8W&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.349061f2d87d84c4c336.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.349061f2d87d84c4c336.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-4996469.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-93.iad89.r.cloudfront.net
Software
/
Resource Hash
5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:43:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 14d757a67b913f1bc93427e69819362c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1
age
427330
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56093
last-modified
Wed, 05 Jun 2024 11:42:10 GMT
etag
"4aa8ac29ac41e30cfd27b0bfd1a19aca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
aW1ZCQB4YgSZj9NzszlK-Mo7GaQiaHQhxpnRsg_SRAB8QPEQsNHaTg==
main.MTRiM2JhOTViMw.js
analytics.tiktok.com/i18n/pixel/static/ 		351 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMw.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGPVD3RC77U2K12E26M0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.18 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-251-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
02069ea1083a50d86483f22aae2e329e0d684c7392a0b5d30ea085fcab51ce2f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
1eea964
date
Mon, 10 Jun 2024 10:25:17 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240605160954D3B8BDBA4725AD2CACA3
x-tt-trace-id
00-240605160954D3B8BDBA4725AD2CACA3-03034245A59D96E6-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-220-107-18.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01a3e2173359e92b52e3574bdf77bf8a758b22918c48dc55894fce0a463e6a8b8bcfc9f9925aeb560b335791956e6d5cdb90b9e7e543df67e8982cfa1b77264faff2de185d277acb52222e6e4a87008eae882b6d69c2d3c343555a2785cf761b94
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
103568
produce_batch
xbloom.com/.well-known/shopify/monorail/unstable/ 		0
759 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/wpm/b07126ca1w84bbcbafp74979a33mc3de2333m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
server-timing
cfRequestDuration;dur=46.000004
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
x-request-id
4b9463c0-84f0-443b-90b6-96281bc6ec7a
server
cloudflare
x-download-options
noopen
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F69ojFrE2HR6bemDneBgDkzRp0H%2BYc%2BdgseJDbDGPrBoqATmp%2FhCcmvtDARfwtlwUEvd7W481hRQuKRL%2F2KUV94aVHVfSWEyDxxStRQFECD6N6gvWM0Weuv3s88%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://xbloom.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8918a8134a4e6378-ORD
766093807688431
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/766093807688431?v=2.9.157&r=stable&domain=xbloom.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0f4195905c9e63a6f4e163e8b6af65384810d3643cf72590ed6a4220dab34a80
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 10:25:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=61, mss=1392, tbw=63495, tp=-1, tpl=-1, uplat=48, ullat=0
pragma
public
x-fb-debug
dqeGXunQhxX5fH2N/8EeeKdCLhdvDPYGyMq0VPT0euJ3+5PsKgFCrWVcc97GlERQTU2jrXFDfTudfgMP6snBAA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=69096784&t=pageview&_s=1&dl=https%3A%2F%2Fxbloom.com%2F&dp=%2F&ul=en-ca&de=UTF-8&dt=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABBAAAACgCIAB~&jid=907378759&gjid=721243292&cid=2005672921.1718015117&tid=UA-226376740-1&_gid=1238203051.1718015117&_slc=1&did=BwiEti&z=2080159200
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-226376740-1&cid=2005672921.1718015117&jid=907378759&gjid=721243292&_gid=1238203051.1718015117&_u=YCDAgEABBAAAAGgCIAD~&z=741377377
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=69096784&t=pageview&_s=1&dl=https%3A%2F%2Fxbloom.com%2F&ul=en-ca&de=UTF-8&dt=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUABBAAAAGgCIAD~&jid=211079210&gjid=1105975282&cid=2005672921.1718015117&tid=UA-226376740-1&_gid=1238203051.1718015117&_r=1&gtm=457e4650z8873467025za200zb873467025&did=BwiEti&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=1711242343
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10940060479/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10940060479/?random=1718015116966&cv=11&fst=1718013600000&bg=ffffff&guid=ON&async=1&gtm=45je4650v873467025z89186111886za200zb9186111886&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fxbloom.com%2F&hn=www.googleadservices.com&frm=0&tiba=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&npa=0&pscdl=noapi&auid=1517631280.1718015117&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLkJUBSdiSncRU2nQ4BzB-xOdvJfaMQw&random=2359624329&rmt_tld=0&ipr=y
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/10940060479/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/10940060479/?random=1718015116966&cv=11&fst=1718013600000&bg=ffffff&guid=ON&async=1&gtm=45je4650v873467025z89186111886za200zb9186111886&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fxbloom.com%2F&hn=www.googleadservices.com&frm=0&tiba=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&npa=0&pscdl=noapi&auid=1517631280.1718015117&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLkJUBSdiSncRU2nQ4BzB-xOdvJfaMQw&random=2359624329&rmt_tld=1&ipr=y
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter+Tight:ital,wght@0,400;0,600;0,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7a6d10042ee9813379a17eb3e192481d7addc6b28e08914cd5a3711ccb32c62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 10 Jun 2024 10:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 10:25:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jun 2024 10:25:18 GMT
dts2hii.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/dts2hii.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3705 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7d106cfea77230388021377f41c79fa839272a82f51852ff60866e12b2aee526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 10 Jun 2024 10:25:18 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
883
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.18 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-251-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
1eeb05f
date
Mon, 10 Jun 2024 10:25:18 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240521140000AC406E6C94997E4177E3
x-tt-trace-id
00-240521140000AC406E6C94997E4177E3-48C41EA43A6C5CC6-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-220-107-18.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010d85662a169e79f6f7c4d7404053a4e2b7cbe3ff026ee755eb8b9424be2687874414527196fa031499a85db1f707521e86fadf6284ef70f4ad529932842c02be927b49f1c5ae1e7577f235cf68e8122450b71014881c90f07d08437e4155496e
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=1
content-length
39838
enrich_ipv6
analytics-ipv6.tiktokw.us/ipv6/ 		0
747 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics-ipv6.tiktokw.us/ipv6/enrich_ipv6
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da47 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
27523562
date
Mon, 10 Jun 2024 10:25:20 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406101025206CA366C58CC570B4E2B8-071FA73DB1FDDCDC-00
x-cache
TCP_MISS from a23-222-2-71.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56655770) (-)
server-timing
inner; dur=14, cdn-cache; desc=MISS, edge; dur=1, origin; dur=18
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202406101025206CA366C58CC570B4E2B8
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.222.2.71
x-tt-trace-host
017182303f33667bdffaee3d51ce3680e5b479933abe85faf624c535e6045064671718f9104cd9f2fca4275d9d525c0e199dd1b2ee9cbe44f08d2d6eedf604c5a9e066685acf4155924a83c615a528711334ffc68daaac109ce11a3e2c426e7c603059af0b1bdeafa60c3a3187e30a44dd
access-control-allow-headers
Authorization,*
expires
Mon, 10 Jun 2024 10:25:20 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.18 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-251-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1eec5b1
date
Mon, 10 Jun 2024 10:25:20 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240610102520FE90B12D04680D54C318-02875E4BB4FC5E94-00
x-cache
TCP_MISS from a23-220-107-18.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing
inner; dur=25, cdn-cache; desc=MISS, edge; dur=10, origin; dur=28
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240610102520FE90B12D04680D54C318
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
29,23.220.107.18
x-tt-trace-host
01a8cb4daaf08510a8944058f62c049faefe8542e9b6b298387964636c5d954aeea00bff2b362d63567bf25aa06edf8ab3ca64578efe5dab5ce67256512948848432e237e1f2a0948efab10217ecdf0808db0d7d37882fb68a818a11e8857d82fa
access-control-allow-headers
Authorization,*
expires
Mon, 10 Jun 2024 10:25:20 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-226376740-1&cid=2005672921.1718015117&jid=211079210&gjid=1105975282&_gid=1238203051.1718015117&_u=YCDAAUABBAAAAGgCIAD~&z=1679402066
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Jun 2024 10:25:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
web-widget-main-a978070.js
static.zdassets.com/web_widget/messenger/latest/ Frame 002F 		461 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=258c8a9a-914e-45e9-ab8b-43544cba4ffc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c5a5e583a11667b86cba836ddd41bef6116104f6e5da81a50fdd255600f8ed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:18 GMT
x-amz-version-id
ehR6BY0i.WRVSKm8Ew5t9v7K7OEkw7a7
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
00HRXB2GFJWN3XDS
age
250979
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
/c9qD2ASZcXzj0cQpqaF3Aa5EvHeR2pCIsCJNOsWVrO4cL8CzvSoDUTs6NDt/k0a5jq+tU+ODbM=
last-modified
Fri, 07 Jun 2024 11:10:13 GMT
server
cloudflare
etag
W/"328ae636a1df3296d98428ab287c2338"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v68d94FeVboU0gKkZ2OPBo5M0G4rEeGXUtPiO6KGBh0EDwPf3epy7N2Qas7t1HZwkZ2CZjNekC4X1F0aUaua8PyT3Ihv3uoU1K2GDG%2Bbgwgsr9H0u5QuyiFrhM%2FFawmWDyLlnFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8918a8184e4eab2e-YYZ
access-control-allow-headers
*
expires
Sat, 07 Jun 2025 11:10:11 GMT
produce_batch
xbloom.com/.well-known/shopify/monorail/unstable/ 		0
764 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/.well-known/shopify/monorail/unstable/produce_batch
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/wpm/b07126ca1w84bbcbafp74979a33mc3de2333m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jun 2024 10:25:20 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
server-timing
cfRequestDuration;dur=42.000055
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
x-request-id
1925e6e3-f6b2-4cdb-8342-875888d5ce37
server
cloudflare
x-download-options
noopen
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJUBmhIdvOpgFs2xtOagyHY%2FuWJXvg%2FI34AEhpLJ%2B9wdzIBPCeNGG%2B4qfJpfDoj2EYUgRTrE4WbsEmBlDH1JjaI1lK%2F2IulrKIMxSZ%2FXf3bFwo0v%2BitcBNzPaoc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://xbloom.com
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
cf-ray
8918a8246aac6378-ORD
act
analytics.tiktok.com/api/v2/pixel/ 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.18 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-251-18.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1eed0b7
date
Mon, 10 Jun 2024 10:25:21 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240610102521B5F1306EA9712C56119C-0CDCEC97FFBDFC9A-00
x-cache
TCP_MISS from a23-220-107-18.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
server-timing
inner; dur=14, cdn-cache; desc=MISS, edge; dur=10, origin; dur=17
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240610102521B5F1306EA9712C56119C
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.220.107.18
x-tt-trace-host
01a8cb4daaf08510a8944058f62c049faefe8542e9b6b298387964636c5d954aee2bacd94cde5cc12bd27786cc6fdbf323b4c5d05b27516221ad23f28685bb03be27cc5d723c389df758c615ed8139f50b0e53bfaf00f7c15b3bee60c71fb3c9e8
access-control-allow-headers
Authorization,*
expires
Mon, 10 Jun 2024 10:25:21 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=766093807688431&ev=ViewContent&dl=https%3A%2F%2Fxbloom.com%2F&rl=&if=false&ts=1718015118009&cd[link]=https%3A%2F%2Fxbloom.com%2F&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718015118007.29958145413376368&ler=empty&cdl=API_unavailable&it=1718015117343&coo=false&rqm=GET
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=2817, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 10:25:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=766093807688431&ev=ViewContent&dl=https%3A%2F%2Fxbloom.com%2F&rl=&if=false&ts=1718015118009&cd[link]=https%3A%2F%2Fxbloom.com%2F&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718015118007.29958145413376368&ler=empty&cdl=API_unavailable&it=1718015117343&coo=false&rqm=FGET
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x67ef8da67c734473","source_keys":["1","2"]},{"key_piece":"0xd3673ff4a4fd2b86","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 10:25:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=3167, tp=-1, tpl=-1, uplat=43, ullat=0
pragma
no-cache
x-fb-debug
rsI/etGaHznmsi/qGxf8f/vhBX9CINuuuIFNaRv6eQZ1SOD7/gtY+sTeIyPpyNRyWhHWBFAi5j9AcHkcMhvfpw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=766093807688431&ev=PageView&dl=https%3A%2F%2Fxbloom.com%2F&rl=&if=false&ts=1718015118012&cd[link]=https%3A%2F%2Fxbloom.com%2F&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1718015118007.29958145413376368&ler=empty&cdl=API_unavailable&it=1718015117343&coo=false&rqm=GET
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=2817, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 10:25:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=766093807688431&ev=PageView&dl=https%3A%2F%2Fxbloom.com%2F&rl=&if=false&ts=1718015118012&cd[link]=https%3A%2F%2Fxbloom.com%2F&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1718015118007.29958145413376368&ler=empty&cdl=API_unavailable&it=1718015117343&coo=false&rqm=FGET
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x8b684e4f933f9c4e","source_keys":["1","2"]},{"key_piece":"0xb8fff9d5781c9e05","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 10:25:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=6841, tp=-1, tpl=-1, uplat=47, ullat=0
pragma
no-cache
x-fb-debug
a1ZKfzdlUW0Kxym87LFwmghKN+s9BP7N5XiF4uNQOdKmZICGvpHuTO14JMDRFlYU9pUt1I51QsEWbENy5r/xYQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
fonts.gstatic.com/s/intertight/v7/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v7/NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter+Tight:ital,wght@0,400;0,600;0,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 05:33:50 GMT
x-content-type-options
nosniff
age
276688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45072
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:57:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 05:33:50 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=dts2hii&ht=tk&f=10294.10296.10300.49450.49453.49454.49456&a=101184592&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dts2hii.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3727 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:18 GMT
last-modified
Fri, 14 Jul 2023 12:54:09 GMT
server
nginx
etag
"64b14571-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
en-us-json-a978070.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 002F 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-a978070.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:18 GMT
x-amz-version-id
roDd.KMZAxEYNanj1CdT6iSqEXWztBnS
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8GZV1GBG5950FVR1
age
250979
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ys29Ds5dHSvuculyzNPuPd2XHCqkmoPjmXnciwTbfUGY+HIKZqlKSHN58SjTPikeWsya2wb2ed8=
last-modified
Fri, 07 Jun 2024 11:10:14 GMT
server
cloudflare
etag
W/"8f0c2ab0bd14e9e847312f7e99adb66d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=189Sgwf%2FMgYU5KWlOvXKYoxF5ciArNk8tHjht1jnZCQKbReqy6LWsO6tZrZBLfEHrmEfArcXMTQmaAkXQ8WFCmIq%2FPa5JLFeYPUE2f%2B1QxlKvf1af4gpuhbS7Z28mwsDNcZcDQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8918a81bd819ab2e-YYZ
access-control-allow-headers
*
expires
Sat, 07 Jun 2025 11:10:13 GMT
web-widget-4852-a978070.js
static.zdassets.com/web_widget/messenger/latest/ Frame 002F 		139 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-a978070.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:18 GMT
x-amz-version-id
ztqGMvloCSKnNutv06MwHwKMsTHBn79d
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8GZMMD2E18PB33DY
age
250979
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZC2gVlKwv2ISNUao6KMpq7SrEZDgT/W/VLxa/nJLXxH5pZ1I2gr9YdW6xORdkhOfObwK8nuvx1Q=
last-modified
Fri, 07 Jun 2024 11:10:12 GMT
server
cloudflare
etag
W/"40fb729956c4a956df4256614af4b393"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVpkySxyw7VErLNARwWWXi2QGMNZqOSoMFmpHlTPsQZivNDiy5uy8dyFyBf05IsDiTCHQLOPDAhUSTOeX1TBiahqfo5wNG0xs%2B8wnycHFFFSiXTf2HAK%2BWE0Y8E0xmiZoalnIDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8918a81c184bab2e-YYZ
access-control-allow-headers
*
expires
Sat, 07 Jun 2025 11:10:11 GMT
web-widget-9527-a978070.js
static.zdassets.com/web_widget/messenger/latest/ Frame 002F 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-a978070.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:18 GMT
x-amz-version-id
jOkr9FYSVYNBIqdsaEPlxAb7GyFYdllP
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8GZXAVWKXSHM62EE
age
250979
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
N5gX/JQRbW69s5SYJQBcWnR+FGwI3xQYc792jbtbPD9ygzld0TkzQ8cj/66aHbpBX88h+F6BQeneAtJxeFXc8w==
last-modified
Fri, 07 Jun 2024 11:10:12 GMT
server
cloudflare
etag
W/"083d4fe56f4013855997ad6d21392f69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=amuIjeZJue7e7W5g%2BVukENuuXYwGz5sxerGJTRhosq4peK5sZ%2BnIEimlKlqzMOs3RvGN9%2BGT8u9P7FhqyhFXzr%2B2hy6ygiH0tBmj0zoxE85MA%2FLhTzq3J3%2FVRukJmGwubSz4584%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8918a81c6869ab2e-YYZ
access-control-allow-headers
*
expires
Sat, 07 Jun 2025 11:10:11 GMT
web-widget-2306-a978070.js
static.zdassets.com/web_widget/messenger/latest/ Frame 002F 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-a978070.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
x-amz-version-id
i6kooz2BEfzv7zw.eDKDfaCysLV6.gNe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8GZKBRC1EASSASTV
age
250980
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
CBz2S2zLe6WfdbSPuGWOwIvRfNihcf4WyRhadjwpqT4JNtwaow1Id95BxYdkn+5RGg1I5ZtFGlY67DrR2WZz07I4K47Hv7GZ
last-modified
Fri, 07 Jun 2024 11:10:12 GMT
server
cloudflare
etag
W/"1b2c14135523982db180c989ec11c5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I90CjYVKpNEzXeffupEvnuE9EIIXN60VA1mrncq8ACyyhwRE8qUJhvXqHCWaNdIaZOALO6Y0LE9ZBYXz95OfiKopIjfspwBPok4mapD47GBlv5l3yxowMv848ap0%2BC18WfC9h2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8918a81dd904ab2e-YYZ
access-control-allow-headers
*
expires
Sat, 07 Jun 2025 11:10:11 GMT
web-widget-5178-a978070.js
static.zdassets.com/web_widget/messenger/latest/ Frame 002F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-a978070.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
x-amz-version-id
Ytq7cHmNoPs2TG544V9gsdXj7Cz86Yrn
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8GZNDXJ0E40WPDHR
age
250980
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
BEv8VUXtJsNUPP5/wMMd8dwQ2fPc+rpwYQ3NqFM1TuHVPg3GEkEPCo+ZYbUeYk0393WQzPNA2oW+ekwLI7tm1A==
last-modified
Fri, 07 Jun 2024 11:10:12 GMT
server
cloudflare
etag
W/"7ea6a03ae546d28215fb61ff43d384ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNunAQG%2BilFaTpHgokVtT0LiYjrb1D%2F8WkwoGZnwtmezSR860rfJN95%2BPMnPwNE3gjSIRsQjLsE3z7aIG03BjMah%2BiV3oOCLkS%2FVbFlr4PGMbWTIS%2ByUHeI3LJ%2BgP5EiQHd8FJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8918a81df90eab2e-YYZ
access-control-allow-headers
*
expires
Sat, 07 Jun 2025 11:10:11 GMT
web-widget-9535-a978070.js
static.zdassets.com/web_widget/messenger/latest/ Frame 002F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-a978070.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2533c8e2ab843fab73ebf949f41959aa93a9376019e8d9ec57fb79fdcfdd980
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
x-amz-version-id
o1nFRiGBOD3F8X.Q4kj62M5x0do5VzeF
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8GZZMQE4AYZ61E5S
age
250980
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
zxp22R0DoSACaSo0ZLIUzyuQHKrc35Dq5gROEw1r1oLmg5n0T9tLxv+ASVdsZS5SP6Iapxnjm5EZFYeUAcsEg/NHTlLKRc+s
last-modified
Fri, 07 Jun 2024 11:10:12 GMT
server
cloudflare
etag
W/"9fcec5882e8ed5ae7af4c4a36c84ba05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hDvk6qor%2B97uLEGn21sPGClQaiIQMtjewXsfF1oQsieThkgQvhupVMvNgyrWXlIBwWXZ0RkAJ0Sbrxl594IdaVngVZperC6KLpj%2FnlE64reetT4vh6LCCNRPxatLInMeqbIYa3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8918a81ee96fab2e-YYZ
access-control-allow-headers
*
expires
Sat, 07 Jun 2025 11:10:11 GMT
pv
tbdxsupport.zendesk.com/frontendevents/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tbdxsupport.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8918a81e3b28b408-YYZ
date
Mon, 10 Jun 2024 10:25:19 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1WSx9WU5rxt0Aknj%2BwS65GCpn5vSXKKOenzDbaPa0HRHHeDOvZeidX4s2Nc0yG6uO6NCxlwMc0K21UFdpa8uiFKmgCHUxjGHKVTSlaLyj3SZrA5SYKvxZfgGbQ%2FXeHcvXDjXuK%2Fbruer"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8918a81e3b28b408-YYZ
x-zendesk-zorg
yes
pv
tbdxsupport.zendesk.com/frontendevents/ Frame 002F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tbdxsupport.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BUJpkfy79iFM0DREi1KiWksGJZPBCQGfWRQrT2WE4%2Fo2uHv4qTlmzRT0uiE8Ojid%2BMPwicowM2mioczMznFzebOVpWX1ouDMoEyI%2BFxvBVRvaGJX3hSC8PWaJsgjT8hzoLKMC9e0fC%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8918a81f2b97b408-YYZ
content-length
0
x-request-id
8918a81f2b97b408-YYZ
config
tbdxsupport.zendesk.com/embeddable/ Frame 002F 		801 B
967 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tbdxsupport.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a978070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d0b0fb18c61e7ad43efba582ebf78bad5c5770284df6f85b05faeb60c83e527

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-6775975d79-cbj7v
x-cached
MISS
x-runtime
0.001950
last-modified
Mon, 10 Jun 2024 10:09:57 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r5Hiq6oHqP1uaVbbJUlJuybKTtPqq0NaxCzNKBKDeY0LY%2B2zIIoTR6qDOJNnIgeaH89oqbSriZQ1lHOLJwqobNVNsAoQMC5aSLDOLaaJnalcXReTfQajJuoDH6TrncfcH%2Fa7FUjgKEfC"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8918a81e3b27b408-YYZ
bab3344672fd16dbd37c712a2.js
chimpstatic.com/mcjs-connected/js/users/61386830a15b1471801379358/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/61386830a15b1471801379358/bab3344672fd16dbd37c712a2.js?shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.23.138.46 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-138-46.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
932bdc4c22755a8e867cc1dd8c24649a15dc6924fe8bb8bbfc58e2b8f25a99fe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-EdgeConnect-Origin-MEX-Latency
14
Date
Mon, 10 Jun 2024 10:25:19 GMT
Content-Encoding
gzip
x-amz-request-id
9JSJ5952STAGYGHV
X-EdgeConnect-MidMile-RTT
0
Connection
keep-alive
Content-Length
3843
x-amz-id-2
CIIJUImTOexwkcbhVLNQbGFavGIArCiod5Pkk21JF8pmoucMg5H/0huvzbTEXAUmagZQHQ5VOJ8=
Last-Modified
Tue, 19 Apr 2022 02:47:17 GMT
Server
AmazonS3
ETag
"9db810b9b20eb3aa951a3aa37b221dbf"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=286
Accept-Ranges
bytes
Expires
Mon, 10 Jun 2024 10:30:05 GMT
conversions.js
sdks.automizely.com/conversions/v1/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.automizely.com/conversions/v1/conversions.js?app_connection_id=17a8f4f3a9994de482acb86137253bea&mapped_org_id=dbd18c4ad2b6b85d1eee821997143563_v1&shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b44b13a08318d95cca7f82b64efee555f5a7170a49ff95a27f2a74be96b20e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000
x-amz-request-id
9961YTWHT645H0H2
content-length
4328
x-amz-id-2
xfSPFKo8ZWGgzL4cUHNpAuNNw5rPzYFz8cTNEfVoZLwExmZSHib5UJ0YuMhUJcwxx73d3RJiHJI=
last-modified
Mon, 03 Jun 2024 03:02:56 GMT
server
cloudflare
etag
"084ab5905f97d47b958fbbaf1d5a7baa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8918a8217f7536a1-YYZ
expires
Tue, 11 Jun 2024 10:25:19 GMT
grin-sdk.js
d38xvr37kwwhcm.cloudfront.net/js/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js?shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2501:7000:15:decf:f580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5612f69b7e9bc926acd5b28953653996ec75e6de73fdb110f3598c28754a610

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
U6nGJyHrP5bKUSzRLYY8LHZiiNaB0WI_
content-encoding
gzip
via
1.1 0cb8928139de73eb220c70ed65a3d18a.cloudfront.net (CloudFront)
date
Mon, 10 Jun 2024 07:58:21 GMT
last-modified
Wed, 15 Feb 2023 20:44:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5
age
8819
x-amz-server-side-encryption
AES256
etag
W/"1d29e2190be6665be84c49429278090f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
SwTb2quiAwxEioc7SEjP-lfLYtkia8cGbg7r8Ydm3n_AMhwPOVFRSg==
shopify_referral_serve.js
d1xlc0a8mald46.cloudfront.net/ad09820a-b62d-42d8-a9ac-cc20c9ed5e1f/js/
Redirect Chain
  • https://referralprogramapp.com/js/shopify_referral_serve.js?shop=tbdxcoffee.myshopify.com
  • https://d1xlc0a8mald46.cloudfront.net/ad09820a-b62d-42d8-a9ac-cc20c9ed5e1f/js/shopify_referral_serve.js?shop=tbdxcoffee.myshopify.com&cnjrd=bYghTnTU29SiPYeftQqxn1nhNzMqWXTw0W4MoKTO
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1xlc0a8mald46.cloudfront.net/ad09820a-b62d-42d8-a9ac-cc20c9ed5e1f/js/shopify_referral_serve.js?shop=tbdxcoffee.myshopify.com&cnjrd=bYghTnTU29SiPYeftQqxn1nhNzMqWXTw0W4MoKTO
Protocol
H2
Server
2600:9000:201e:2e00:1b:9025:e980:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a5abc9845ae1d2a12a5dfab39204a10dbea4eaee3de51606869aeffa05fb037

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://xbloom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 31 May 2024 06:23:20 GMT
content-encoding
br
via
1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront)
last-modified
Fri, 31 May 2024 06:22:07 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
878521
etag
W/"abaeec3bb9b72dc740f98192f200c8f2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
lkCKixNqySsG5RmEusPGC1YSYXljHMGlO_02eX1Uf0jMEXknXGHDIA==
expires
Thu, 25 Apr 2024 07:30:00 GMT

Redirect headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-security-policy
frame-ancestors 'self' https://tbdxcoffee.myshopify.com admin.shopify.com
via
1.1 19e58616339f974c22a3a07f8f637718.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amzn-requestid
ad080578-0ca7-41c2-b756-aa4312b2a535
x-amzn-trace-id
Root=1-6666d48f-7eba812902da809b025a41cc;Parent=72f06e5760a178d5;Sampled=0;lineage=d66c39b0:0
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
location
https://d1xlc0a8mald46.cloudfront.net/ad09820a-b62d-42d8-a9ac-cc20c9ed5e1f/js/shopify_referral_serve.js?shop=tbdxcoffee.myshopify.com&cnjrd=bYghTnTU29SiPYeftQqxn1nhNzMqWXTw0W4MoKTO
cache-control
no-cache, private
x-amz-apigw-id
ZJYmeFOHrPEEl0g=
content-length
982
x-amzn-remapped-date
Mon, 10 Jun 2024 10:25:19 GMT
x-amz-cf-id
2yz_UlCgygzeXlQwPcDSbZeLdR9VB1s1y_AbjDz9XuChc7u4mjIAfg==
bixgrow-track.js
cdn.shopify.com/proxy/e751152a8f1ae0a5ec6b603f042849055066774f01fc26b182f8a7b7d111d950/d2xrtfsb9f45pw.cloudfront.net/scripttag/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/proxy/e751152a8f1ae0a5ec6b603f042849055066774f01fc26b182f8a7b7d111d950/d2xrtfsb9f45pw.cloudfront.net/scripttag/bixgrow-track.js?shop=tbdxcoffee.myshopify.com&sp-cache-control=cHVibGljLCBtYXgtYWdlPTkwMA
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5189a2fad32f892b7adca7874e5203745a9940ccda9809ae16ed485c273c9fd8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'; sandbox;
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-dc
gcp-us-east1,gcp-us-east1
content-disposition
attachment
server-timing
imagery;dur=91.885, imageryFetch;dur=90.661, cfRequestDuration;dur=48.000097, ipv6
alt-svc
h3=":443"; ma=86400
content-length
4441
x-xss-protection
1; mode=block
x-request-id
83b4ae40-82b8-49f8-918d-0e868ffc17e8
last-modified
Thu, 21 Dec 2023 21:45:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gS92cOdXPeBFQJFt5qkqAv95LhjpD5pH%2FAQMuseGQ0mjmifqGRDinZolXk1bWKR%2FkmzH0K0zcODi1WySafdG0EBSx4WeKipb2kWPzRtOViAn1RWymBtj7%2BQJ1UdvWwH1jOcTDogc2af6UrTsmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/proxy/e751152a8f1ae0a5ec6b603f042849055066774f01fc26b182f8a7b7d111d950/d2xrtfsb9f45pw.cloudfront.net/scripttag/bixgrow-track.js>; rel="canonical"
cf-ray
8918a81f2cd4ac3a-YYZ
init
social-login.oxiapps.com/api/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://social-login.oxiapps.com/api/init?vt=928351&shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.197.53.66 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
66.53.197.104.bc.googleusercontent.com
Software
nginx/1.12.1 / PHP/5.5.9-1ubuntu4.24
Resource Hash
d63fff0cfccc84d53cc27cf47326e737029e37b5fe254740389c0dedf8ab4713
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
public
Date
Mon, 10 Jun 2024 10:25:19 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-modified
Mon, 10 Jun 2024 10:22:31 GMT
Server
nginx/1.12.1
X-Powered-By
PHP/5.5.9-1ubuntu4.24
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
max-age=132, public
Connection
keep-alive
Expires
Mon, 10 Jun 2024 10:27:31 GMT
/
str.rise-ai.com/ 		134 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://str.rise-ai.com/?shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:18ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
35c934dbb166a49c7413207672b30c1ff65d0c8ad83ef770fdbc021f6d7af4b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1623613
etag
W/"21698-Mf/qWjPFWwPi0d56HlCpn5Fqpdg"
x-powered-by
Express
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
8918a82179c7ac0c-YYZ
access-control-allow-headers
X-XSRF-TOKEN
/
strn.rise-ai.com/ 		155 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://strn.rise-ai.com/?shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d438834845654960328b6052f38cdb8ed7d8a265f2254c50cb9fee8126f0a399

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1623613
etag
W/"26b1b-/tw2bnvm+rX7qEkQh42FNxx+fIU"
x-powered-by
Express
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
8918a8220af7ab63-YYZ
access-control-allow-headers
X-XSRF-TOKEN
get_script
gtm.gropulse.com/ 		390 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtm.gropulse.com/get_script?shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:d7c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d4dce62015f8a1606957825ef7ddd32daf49c85930e5ac3c96e2e680d4d01b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E3zIPnCtEK1Qyr5zPt%2BR74vn5jpUmmTgeh4GagTRJM1aToosTSltSIW2o6jXMuR3ctb2oaUhLYR7VtKer1cP8kq9ie1UKWu58AD8JjwObTvMkvvKOafF9a3AI6g4%2FZX%2Bpxd2ZdNtfDqBc%2FZ%2B0%2FKz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8918a822786154cd-YYZ
alt-svc
h3=":443"; ma=86400
shopify.widget.js
shopify-widget.route.com/ 		74 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shopify-widget.route.com/shopify.widget.js?shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2073:a00:18:94b4:d1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
170611b5222295c558d4664f3ab58354c17f15c9775f42fcb4c56940016d2a88

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 18:39:03 GMT
x-amz-version-id
I20x7bULfplPEzHsYGvwvvtf60LuMZ18
content-encoding
gzip
last-modified
Wed, 05 Jun 2024 18:39:01 GMT
server
AmazonS3
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
etag
W/"93830ffc46991d9ed099dd4bf7b7a270"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
56778
x-amz-cf-id
J9GKp6xtjMT1c-buucWmEXt1kNoEbUu31C-PAaBt03radHF7LK7vtQ==
script.js
sfo2.digitaloceanspaces.com/woohoo/public/script/33810/ 		311 KB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sfo2.digitaloceanspaces.com/woohoo/public/script/33810/script.js?1714529301&shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.68.32.225 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
sfo2.digitaloceanspaces.com
Software
/
Resource Hash
51370e76b900a0ed29a015c3276422467b64242f7ac2b3344138d883538bf3b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 01 May 2024 02:08:20 GMT
x-amz-request-id
tx00000f528c8fcbca75dbd-006666d490-5ac52b6e-sfo2a
etag
"a4a77e4c6a356ce22aeba780fce187de"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/javascript
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
318567
awin-shopify-integration-code.js
dr4qe3ddw9y32.cloudfront.net/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dr4qe3ddw9y32.cloudfront.net/awin-shopify-integration-code.js?aid=81871&v=shopifyApp_4.5.0&ts=1716287042460&shop=tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:2a00:17:6686:3380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d1dcc0e8d208ab7fc9e3696acaf21eab8c467bbcf350ce736b9546d19520320

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:35:36 GMT
content-encoding
gzip
via
1.1 29bea082286af4a231cfc553e1b23886.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 09:59:50 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
age
10185
x-amz-server-side-encryption
AES256
etag
W/"52e16b8ea2e7f78c953af12e574c616b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
v4bZRKf-3hIWyYEJV-fsteDSK0gRFPGqUZD9n81tXg1KBfw74b0raQ==
smile-shopify.js
js.smile.io/v1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.smile.io/v1/smile-shopify.js?shop=tbdxcoffee.myshopify.com
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/6d4b85b4-49ad-41dd-9edf-210b845311a8/smile-io-78/assets/smile-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:6c00:1:74a3:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ea65de03e2d7b9c589c199f01e42a1f95fe5cb0fa95c6efe7e003a787123345

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
w9Llc3i4Ac_Mj5ETDVlv0mvzNxmUKryA
content-encoding
br
via
1.1 03a399d73bdcccc9e7ad44d059b07ef4.cloudfront.net (CloudFront)
date
Mon, 10 Jun 2024 10:25:20 GMT
last-modified
Mon, 10 Jun 2024 06:57:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C1
age
96
etag
W/"f1976014fbaad355084ac1372e4ea5fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
WATgFQhKgnxMW9re310TikhhfMPE5z67N2gTuFBpztWOmeR_hdRqtQ==
runtime.latest.en.b551ee20ebd5234699e8.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.b551ee20ebd5234699e8.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:21 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
217552
server-timing
imagery;dur=30.825, imageryFetch;dur=30.578, cfRequestDuration;dur=10.999918, ipv6
alt-svc
h3=":443"; ma=86400
content-length
3382
x-xss-protection
1; mode=block
x-request-id
c6ee0a25-c081-4cc9-a628-83dfceddfc35-1717797223
last-modified
Fri, 07 Jun 2024 21:53:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qiifgwDa77xwS20HmbomwpPyxbj2wWPVNTB%2BNrbJ0agkA0S35QOSOMdrtJ5JTkzY8GbRE8aSl5wU0bdB9wHQGo%2BSCJb%2FVdGarpkQULjIjhtENOtprKr%2Fg%2FuD8%2Bmd6JB85rpTGWWCTiN7oM6VCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/runtime.latest.en.b551ee20ebd5234699e8.js>; rel="canonical"
cf-ray
8918a82cef4bab6d-YYZ
icon_32x32_4153fcaa-8668-4d61-93cc-f02f242c59b4.png
xbloom.com/cdn/shop/files/ 		529 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cdn/shop/files/icon_32x32_4153fcaa-8668-4d61-93cc-f02f242c59b4.png?crop=center&height=32&v=1684945507&width=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a20f4b9efd327a67288e97dd3d892d8131b968f2b253b5ec5566fa78b706bf3b
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2377743
x-permitted-cross-domain-policies
none
source-type
image/png
server-timing
imagery;dur=68.121, imageryFetch;dur=53.701, imageryProcess;dur=13.512;desc="image", cfRequestDuration;dur=13.999939
source-length
481
content-length
529
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
2e8e26df-081c-4ae9-ba50-cefcb2740837-1715637376
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 21:56:16 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2FVxtRb1RhlZwPbJdMiu%2BZlfUf09xS6pUMUaE2dGuwxJrspUpAUiEwhIMlV0uanYlUhGEhPDOc3S6qGoJc74OoiDBmDkBlgyHfVTJMEyVXG4rPUOEayYs%2BYgZ24%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
x-download-options
noopen
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8918a81e4f886378-ORD
x-sorting-hat-podid
223
am_635.a7ba0d4d.js
sdks.automizely.com/conversions/v1/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.automizely.com/conversions/v1/am_635.a7ba0d4d.js
Requested by
Host: sdks.automizely.com
URL: https://sdks.automizely.com/conversions/v1/conversions.js?app_connection_id=17a8f4f3a9994de482acb86137253bea&mapped_org_id=dbd18c4ad2b6b85d1eee821997143563_v1&shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c80c40945cf8bd857de425a6f1d91fb8adc6a3b0324334b1f91ab818bea5deb2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-amz-request-id
JF9BN43BCWV8Q7MR
age
612782
content-length
3581
x-amz-id-2
fAXnoWxp1M4rKAjAhyXtUwtMXebgLtpyIOWMD4pmGjS8KeWHYEa7LzKZlHoS/j8f96N9pLO+twk=
last-modified
Mon, 03 Jun 2024 03:02:56 GMT
server
cloudflare
etag
"602917da3176615adf435cb39e7e058b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8918a822b81136a1-YYZ
expires
Thu, 08 Jun 2034 10:25:19 GMT
am_113.d3f38c8c.js
sdks.automizely.com/conversions/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.automizely.com/conversions/v1/am_113.d3f38c8c.js
Requested by
Host: sdks.automizely.com
URL: https://sdks.automizely.com/conversions/v1/conversions.js?app_connection_id=17a8f4f3a9994de482acb86137253bea&mapped_org_id=dbd18c4ad2b6b85d1eee821997143563_v1&shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd24e12a9c2fd698d928052f531a1309818c0179f483a5980f4ea2bbfd57832
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-amz-request-id
JF96PSKMSQANV5SY
age
612782
content-length
8264
x-amz-id-2
2i2HEK23kpOJNid/WkF6fEvHhLesPPGXbyghEL/Lr2GJkcUTPwysCT88CdnM6DBFdu0KjlmoORA=
last-modified
Mon, 03 Jun 2024 03:02:56 GMT
server
cloudflare
etag
"bf4940549d5626455208bb50c09b7da6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8918a823484d36a1-YYZ
expires
Thu, 08 Jun 2034 10:25:19 GMT
am_297.3f1e31f6.js
sdks.automizely.com/conversions/v1/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.automizely.com/conversions/v1/am_297.3f1e31f6.js
Requested by
Host: sdks.automizely.com
URL: https://sdks.automizely.com/conversions/v1/conversions.js?app_connection_id=17a8f4f3a9994de482acb86137253bea&mapped_org_id=dbd18c4ad2b6b85d1eee821997143563_v1&shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b5ee4407ed9d4857da5924ae5dbe04bbeb582142d822af9b3967388e515088
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-amz-request-id
JF90X4Q7ZA32XAT1
age
612782
content-length
6551
x-amz-id-2
+IfGzxUZf6DN5noZ0725Tv3VEB69izdRwv+a4F9/3xod6MEgGpv76K003IChPo4t4oDghc0VpeywMd1D6vxpRA==
last-modified
Mon, 03 Jun 2024 03:02:56 GMT
server
cloudflare
etag
"36cc51bba37de6e2a406e1778f2e0955"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8918a823685c36a1-YYZ
expires
Thu, 08 Jun 2034 10:25:19 GMT
am_253.88a83350.js
sdks.automizely.com/conversions/v1/ 		73 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.automizely.com/conversions/v1/am_253.88a83350.js
Requested by
Host: sdks.automizely.com
URL: https://sdks.automizely.com/conversions/v1/conversions.js?app_connection_id=17a8f4f3a9994de482acb86137253bea&mapped_org_id=dbd18c4ad2b6b85d1eee821997143563_v1&shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fa5a2dc1dca5fca8b258a511f7444658e3d4e40c1374fca6b57afd115eaf7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:19 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-amz-request-id
JF9FXBRFJ1EEBNF0
age
612782
content-length
16345
x-amz-id-2
F4RinWemvqeqv+RfR+ba43ZSpISVGYxpSeUY1Qeu2CQ9x2H1rlGOm05g62B/OQtHGFwCKfxQjmSNhQUx7+B2HQ==
last-modified
Mon, 03 Jun 2024 03:02:56 GMT
server
cloudflare
etag
"8334d0e3b9328dc7ceb6ee1340e6c2db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8918a823685f36a1-YYZ
expires
Thu, 08 Jun 2034 10:25:19 GMT
graphql
bff-api.automizely.com/marketing/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bff-api.automizely.com/marketing/public/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1082 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
am-fe-query-level-1,content-type,conversions-connection-id
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
am-fe-query-level-1,content-type,conversions-connection-id
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
as-req-source
gateway
cf-cache-status
DYNAMIC
cf-ray
8918a8269967b409-YYZ
date
Mon, 10 Jun 2024 10:25:20 GMT
server
cloudflare
strict-transport-security
max-age=15552000
via
1.1 google
dc.js
sdks.automizely-analytics.com/analytics/v1/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.automizely-analytics.com/analytics/v1/dc.js
Requested by
Host: sdks.automizely.com
URL: https://sdks.automizely.com/conversions/v1/am_253.88a83350.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8e98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065adff76ce7de69ae79de218d7cb18d5ba05429a60615cf2a927a6b65a8dd5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YCXR6BS9280G6CKH
age
23
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GVbEW4dtQqRG8fJEtUUehrZ0F72tYzJ/1gl9KOeypiOA4UBLYng6JnBNzzhg1EaS6PAhDfFBCkI=
last-modified
Mon, 08 Jan 2024 03:00:56 GMT
server
cloudflare
etag
W/"1ad01ef5f8c8f80333c8278c90ec0349"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kg4AaALniVIdY5%2BlcERPix8MsLf5wNr4P8TxxEsxrSI53yOlbNmggjQIVNESsFNjwY%2BIAgppEjb5OROZrRkYEcYBducl0baFjITFQ9f1FZ7AjpXQFBC4OU6LqjBjNKUqmctRLNEu24R7ed%2F%2ByABXAwuYypES6XJChWnzRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
cf-ray
8918a8287c24a217-YYZ
am_726.f3ba0c2a.js
sdks.automizely.com/conversions/v1/ 		168 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.automizely.com/conversions/v1/am_726.f3ba0c2a.js
Requested by
Host: sdks.automizely.com
URL: https://sdks.automizely.com/conversions/v1/conversions.js?app_connection_id=17a8f4f3a9994de482acb86137253bea&mapped_org_id=dbd18c4ad2b6b85d1eee821997143563_v1&shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf61a77c91590c66e9df31a7957d4101fd7497ffc8d53e71895ac1e012fb9f35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:21 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=15552000
x-amz-request-id
JF9E5BEKY17ZA5SR
age
612778
content-length
52008
x-amz-id-2
y4kn/O+iRJhTjNUMvmVjYYSvwT4A+bIgzOiB7cQCfUh1zN5JqPiFxzNNhXrFh0gWA/ucWnSimY0=
last-modified
Mon, 03 Jun 2024 03:02:57 GMT
server
cloudflare
etag
"afe928fa12a55d6dd69af2e1ba2117cc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8918a82aec5336a1-YYZ
expires
Thu, 08 Jun 2034 10:25:21 GMT
graphql
bff-api.automizely.com/marketing/public/ 		731 B
456 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bff-api.automizely.com/marketing/public/graphql
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1082 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530de4dfceee78d2942125bd48f63fc049a1486e96e6eabee8a8fbed0114d6a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
conversions-connection-id
17a8f4f3a9994de482acb86137253bea
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://xbloom.com/
am-fe-query-level-1
1
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
37ms
date
Mon, 10 Jun 2024 10:25:20 GMT
ratelimit-reset
1
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=15552000
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=5, public
ratelimit-limit
4000
cf-ray
8918a827a9e3b409-YYZ
ratelimit-remaining
3903
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015120379
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
c11a1da429bf9a9c94c30937ca282f5a931f9e5e62665c28197d915b80b221b8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:20 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=25, db;dur=7, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="vjhg", requestID;desc="33725524-f630-4f3b-8e57-a63fb9e778d7-1718015120", cfRequestDuration;dur=62.000036
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
33725524-f630-4f3b-8e57-a63fb9e778d7-1718015120
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBOOcTM1ttXMo6aV8FnMoiMSdgFJIYWVfR9A9Ih0zV7rpUUrMdUpS5mPBvdAC5jHwxJHdgao%2FrGBfBsJJwCkqKjfcqxhqTxKgWm%2Bu7Lo6%2BlUp%2FzMYfwGgNxeqWc%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a8269bd96378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
routeins.js
xbloom.com/products/ 		40 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/products/routeins.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
f0e78dd3eab7516b9d924e8e8141788578a72df826a48fbe1c12ef9ff32fd7a7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=7889238
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-permitted-cross-domain-policies
none
x-cache
miss
server-timing
processing;dur=77, db;dur=26, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="bdwl", requestID;desc="393d6830-880b-4f0f-89d4-644a83569071-1718015120", cfRequestDuration;dur=108.999968
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
393d6830-880b-4f0f-89d4-644a83569071-1718015120
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
etag
"cacheable:2c84ab69becde8210b6a2ebc6adc9b21"
x-shopid
61157048544
x-frame-options
DENY
vary
Accept
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D4PHRfFbYCoi0GA9KmiyhEkkUTCwnRISEQs6XsalZZUIIsBT8tLs%2FMIHOlRiFDJ7fFHq4lNLz626xwxDmvpLOTUFXjJ5bNFH7BYHJ4W7F8s%2BLnSDL96WhqNnKbw%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
x-download-options
noopen
cf-ray
8918a8269bdc6378-ORD
x-sorting-hat-podid
223
tbdxcoffee.myshopify.com
shopify.route.com/v1/merchant-info/ 		64 B
331 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shopify.route.com/v1/merchant-info/tbdxcoffee.myshopify.com
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2508:5e00:11:4cd0:7f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bebb2df8fe1c43ab33f73431842dfbc73f6476b2599f131ab697e0d62763c406

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 01:17:07 GMT
via
1.1 31113f2f23c4ce8a8af1d88a37137806.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P1
age
32893
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
64
x-amz-cf-id
JG54_MkAy7bS2wvQz9DAVGO2aHh0mJ5JtMWSzuOmcv0ZpGjI8oTO2w==
81871.js
www.dwin1.com/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/81871.js
Requested by
Host: dr4qe3ddw9y32.cloudfront.net
URL: https://dr4qe3ddw9y32.cloudfront.net/awin-shopify-integration-code.js?aid=81871&v=shopifyApp_4.5.0&ts=1716287042460&shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:8800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69471787a0ef7b0148b3bf6f63dd1665afa1918842ac6076aefa902b20e3153d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Aij8cEDRl4ZsR.ldhuRiU_rJGHCHgx6I
content-encoding
gzip
via
1.1 941f9399edc1f082afabdbb29c8909b8.cloudfront.net (CloudFront)
date
Mon, 10 Jun 2024 10:25:21 GMT
x-amz-cf-pop
IAD55-P2
age
81
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 May 2024 09:36:43 GMT
server
AmazonS3
etag
W/"b37b84458df5bd8ea843f16b47dc8b80"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
INP-ANg2TFFZO9OzyPxTDGc-gT5W5dWbvsfhgqQHf8T_2w_t5DhvFw==
init
platform.smile.io/v1/smile_ui/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://platform.smile.io/v1/smile_ui/init?channel_key=channel_33nrc6E6a0RH6cHIk9kXV1Jj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-112-58.iad61.r.cloudfront.net
Software
nginx/1.23.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,smile-channel-key,smile-client
Access-Control-Request-Method
GET
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,smile-channel-key,smile-client
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
age
11127
content-length
0
date
Mon, 10 Jun 2024 07:19:53 GMT
server
nginx/1.23.1
via
1.1 8dd4c7f1d7b55b5ac0fc5b7f8532cf32.cloudfront.net (CloudFront)
x-amz-cf-id
NsyKfZ4kjtS2U6OF9-LJxrTSBpDbPwBN3f3vPWxn2nCLAqerH_M3fw==
x-amz-cf-pop
IAD61-P2
x-cache
Hit from cloudfront
init
platform.smile.io/v1/smile_ui/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://platform.smile.io/v1/smile_ui/init?channel_key=channel_33nrc6E6a0RH6cHIk9kXV1Jj
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-112-58.iad61.r.cloudfront.net
Software
nginx/1.23.1 /
Resource Hash
db882cdd533971020cea3625fbba87daf710866e067ddf3ee7bab74bf51c12aa
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Smile-Client
smile-ui
sec-ch-ua-mobile
?0
Smile-Channel-Key
channel_33nrc6E6a0RH6cHIk9kXV1Jj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://xbloom.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:20 GMT
content-encoding
gzip
via
1.1 8dd4c7f1d7b55b5ac0fc5b7f8532cf32.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2
age
673
x-cache
Hit from cloudfront
x-request-id
4f244778-ad63-4601-88f9-8e05553e3eec
x-runtime
0.007691
server
nginx/1.23.1
etag
W/"db882cdd533971020cea3625fbba87da"
x-frame-options
ALLOWALL
access-control-max-age
7200
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=900, public
content-type
application/json; charset=utf-8
vary
Accept-Encoding,Origin
x-amz-cf-id
duQgFxlwtiZDqnjExzhRX9N6euK48T22RcJK_MIVK5ilIKb0A9xlXw==
smile-lite-31fc61d456.js
js.smile.io/v1/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.smile.io/v1/smile-lite-31fc61d456.js
Requested by
Host: js.smile.io
URL: https://js.smile.io/v1/smile-shopify.js?shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:6c00:1:74a3:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4f3502f47ad0418770ac149809cb6999cc7d6a40f3956b16a1c86e7f3365fa9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:15:37 GMT
x-amz-version-id
PrNt14DTzUxyGK_M0RXKdg6fy2fEbqVC
content-encoding
br
via
1.1 03a399d73bdcccc9e7ad44d059b07ef4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
age
11384
x-cache
Hit from cloudfront
last-modified
Mon, 10 Jun 2024 06:57:55 GMT
server
AmazonS3
etag
W/"31fc61d4568089926bdbefc0090c4a45"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
SARWf4odI1JTUA4lCNA8-L9k6I_XunzrAAGJojKy1xN5PgSBEYFAqw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.2/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.2/jquery.min.js
Requested by
Host: referralprogramapp.com
URL: https://referralprogramapp.com/js/shopify_referral_serve.js?shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 11:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30094
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 11:15:26 GMT
trace
www.cloudflare.com/cdn-cgi/ 		331 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloudflare.com/cdn-cgi/trace
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5d29edb0718b952e1ee7b9e9a15ba86dc481532ac74acc69dc0a17f0a13842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
8918a82a5ddcaaf8-YYZ
expires
Thu, 01 Jan 1970 00:00:01 GMT
device-detect
app.getwoohoo.com/api/ 		76 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.getwoohoo.com/api/device-detect
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:97c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b15181b6699b00bdd6774c1633b1356abf942bad58a9827543e0fff381d12d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 10 Jun 2024 10:25:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZqXCj6sbMozeyYVHSlrnY3FyN2rrYwC8llA2gqOFmUlxaT6ZoDvr6w%2BDAA0qqSiYdxbpZuj1TC4RRikyTy4%2BxuUNIefZUyAUcykmC%2BXiD%2B%2B%2BmUDMEAjDggfrbfZy9pin%2F8p8n%2FN%2Bw5QwruMfIr5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
application/json
cf-ray
8918a82aed21ab87-YYZ
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
43f76171f35860924a58be5a083d76818b7955df8e7fb7e9707bb970c0910580
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:20 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=15, db;dur=3, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="96kl", requestID;desc="6e716180-4c44-4315-a917-f505d0ed3095-1718015120", cfRequestDuration;dur=49.000025
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
6e716180-4c44-4315-a917-f505d0ed3095-1718015120
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9l6TszgovpI7Ev7pIFOZVPhfVg0H9pO%2FlNk4D079dXSOnPPoIE59ig%2FwwnBHdVm1RR%2ByC3y7n9kGx7li%2BSyLOCXGWw0PiiDRUCILS1ISJJQwLv6v8gDZcwUZctA%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a829dd9c6378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
smile-shopify-892f6927b9974a201622.modern.js
js.smile.io/v1/ 		0
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://js.smile.io/v1/smile-shopify-892f6927b9974a201622.modern.js
Requested by
Host: js.smile.io
URL: https://js.smile.io/v1/smile-lite-31fc61d456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:6c00:1:74a3:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 07:15:37 GMT
x-amz-version-id
DT_NqX0LUAekriPNWlBSFAVvbvQlVj5o
content-encoding
br
via
1.1 03a399d73bdcccc9e7ad44d059b07ef4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
age
11385
x-cache
Hit from cloudfront
last-modified
Mon, 10 Jun 2024 06:57:55 GMT
server
AmazonS3
etag
W/"b28ce693e85974644f382654c988951b"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
W55FFntLJ9cSP90lhvNbJwTKig3sYlQGagAaOWFyRwSgkIc1S_XUeA==
vendor-058a5826d0ede9909629.modern.js
js.smile.io/v1/ 		0
63 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://js.smile.io/v1/vendor-058a5826d0ede9909629.modern.js
Requested by
Host: js.smile.io
URL: https://js.smile.io/v1/smile-lite-31fc61d456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:6c00:1:74a3:9240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 19:05:11 GMT
x-amz-version-id
jOD0H3CfX_2hkvuhcJWH4hUISHc7kpbU
content-encoding
br
via
1.1 03a399d73bdcccc9e7ad44d059b07ef4.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
age
314411
x-cache
Hit from cloudfront
last-modified
Thu, 06 Jun 2024 17:44:17 GMT
server
AmazonS3
etag
W/"0942ca1a8c6490f8ba7c7fd4e78e9699"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
kPXvc44ObnbdxalDdy4rTHinI3GNwPUAK2c81bfmNavejFlqfA6HXg==
6ab1cc8141dfc891db8418df1765302e361bbfe01ab7bec0fcafe50c1aa6f3d8679cb3d38d49e92f.png
api-uploads-cdn.sweettooth.io/launcher/icon/processed/ Frame BCE5 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-uploads-cdn.sweettooth.io/launcher/icon/processed/6ab1cc8141dfc891db8418df1765302e361bbfe01ab7bec0fcafe50c1aa6f3d8679cb3d38d49e92f.png?color=%23000000
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-5.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42cd1ad0b952a537dd0ef8278f2180988d7d8797337ece6740d2773bd05e24f5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:21 GMT
via
1.1 a2da30f5dacfbd28d77cf4c9702318f8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
age
96
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2406
last-modified
Mon, 04 Sep 2023 07:50:26 GMT
server
AmazonS3
etag
"1120b68a1217209063630b4bc5b1ec14"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=300
x-amz-meta-json
{"name":"launcher275885_customized_icon745.png"}
accept-ranges
bytes
x-amz-cf-id
QEkKBk9Fy-kbJgXBI9UO2JuU0FHkc4v9t2E9pKLYOx6rBJs2Eq7hqA==
graphql
bff-api.automizely.com/recommendation/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bff-api.automizely.com/recommendation/public/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1082 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
am-mapped-org-id,content-type,conversions-connection-id
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
am-mapped-org-id,content-type,conversions-connection-id
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
as-req-source
gateway
cf-cache-status
DYNAMIC
cf-ray
8918a82bcb76b409-YYZ
date
Mon, 10 Jun 2024 10:25:21 GMT
server
cloudflare
strict-transport-security
max-age=15552000
via
1.1 google
graphql
bff-api.automizely.com/recommendation/public/ 		87 B
148 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bff-api.automizely.com/recommendation/public/graphql
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1082 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3abaa90cf9fee5cd6bbdec09a78ecd1dbcf3215d2e753c7705080e216e9341a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
conversions-connection-id
17a8f4f3a9994de482acb86137253bea
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://xbloom.com/
am-mapped-org-id
dbd18c4ad2b6b85d1eee821997143563_v1
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
101ms
date
Mon, 10 Jun 2024 10:25:21 GMT
ratelimit-reset
1
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=15552000
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=5, public
ratelimit-limit
4000
cf-ray
8918a82c9bc2b409-YYZ
ratelimit-remaining
3870
css
fonts.googleapis.com/ 		9 KB
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&display=swap
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
date
Mon, 10 Jun 2024 10:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 09:17:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jun 2024 10:25:21 GMT
143.latest.en.cdcd46f642964c351866.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
76 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/143.latest.en.cdcd46f642964c351866.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:21 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
225577
server-timing
imagery;dur=25.574, imageryFetch;dur=25.390, cfRequestDuration;dur=9.999990, ipv6
alt-svc
h3=":443"; ma=86400
content-length
77220
x-xss-protection
1; mode=block
x-request-id
240c78a7-d9fd-447c-ad25-b76ddcff5a08-1717786309
last-modified
Fri, 07 Jun 2024 18:51:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AOhEthNTWHQXbADeMdhfkPuMfP%2BtCqg1wx0kSavXu%2BbCaz0ur1Raka3nS6uXrxuEthlFADfGdfJ140nlHCV%2BrYTIF5JQktlaExCQlfEYLzgo1Crv5LqCiOkDX8p923FdsI%2BbOCvitYGp5uNPTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/143.latest.en.cdcd46f642964c351866.js>; rel="canonical"
cf-ray
8918a82e9817ab6d-YYZ
protect.core.js
protection-widget.route.com/ 		203 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protection-widget.route.com/protect.core.js?shop=xbloom.com
Requested by
Host: shopify-widget.route.com
URL: https://shopify-widget.route.com/shopify.widget.js?shop=tbdxcoffee.myshopify.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:c200:2:3d40:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
397b86e7b252eb25ddab44c44c03e7da08546c532e00c721d2650543573ec040

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 21:27:37 GMT
x-amz-version-id
WJZa4tOkW0pGCvIWEpagHSUTfHa26c.u
content-encoding
gzip
last-modified
Tue, 14 May 2024 21:27:33 GMT
server
AmazonS3
via
1.1 f7d45b5ebcd04bf5d37f0688d4b90670.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P2
etag
W/"c69bec25ea0b23ad6155aa1cfd7e7c1b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
46666
x-amz-cf-id
5UKcp5M4IUYJsT-8tW0TKyaVJk02tBOmDCgHIKkjjFamyFTtx1bZ3w==
lantern_global_81871.min.js
lantern.roeyecdn.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lantern.roeyecdn.com/lantern_global_81871.min.js
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/81871.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2508:e600:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a244fff3609977e244d9b136717cd1fb34067a610e22362985d9491087fcfb77

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yly3pJqSlEnipP1.YbiouxkUY0sv8YTJ
date
Mon, 10 Jun 2024 08:07:51 GMT
via
1.1 14e4300e15854895259e6944bb121ec8.cloudfront.net (CloudFront)
last-modified
Tue, 14 May 2024 16:25:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P1
age
9267
etag
"2fd5663666e2555481b3a7d12a4928e3"
x-cache
Hit from cloudfront
content-type
application/octet-stream
content-length
1792
x-amz-cf-id
A6LC25N6wjAcWAr3UuAA5aQO5vnsSURGZ-kaPWUrkF8vw1ozzdR6qA==
full_wheel.svg
sfo2.digitaloceanspaces.com/woohoo/public/game/60000/64159/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sfo2.digitaloceanspaces.com/woohoo/public/game/60000/64159/full_wheel.svg
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
138.68.32.225 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
sfo2.digitaloceanspaces.com
Software
/
Resource Hash
9bf248c0e3e3cd9932e23decdbe7ad9547bf4309e9c8582d89ab90d7feb7deca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Mon, 01 Apr 2024 10:55:14 GMT
x-amz-request-id
tx000002f7a5174510add2c-006666d492-5ad18af0-sfo2a
etag
"232acc2716711351b7411b9b96787e8d"
x-envoy-upstream-healthchecked-cluster
access-control-max-age
30
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-rgw-object-type
Normal
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
accept-ranges
bytes
content-length
7829
4109.latest.en.0218a052e976e7974c26.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
38 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/4109.latest.en.0218a052e976e7974c26.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
385180
server-timing
imagery;dur=22.478, imageryFetch;dur=22.252, cfRequestDuration;dur=11.999846, ipv6
alt-svc
h3=":443"; ma=86400
content-length
38506
x-xss-protection
1; mode=block
x-request-id
812a51f1-3e51-4aa3-9c1a-9c35427ec26c-1717628644
last-modified
Wed, 05 Jun 2024 23:04:04 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTNgfBY5syxug33ZbffPoph05otjNKjfqmE68xMUJrBXH5zkQKN5oM31Uyw%2BdvVklJ4aa3%2BYjibV1hKCMaqy4EBn1vyotZpki6Jub6IzUoFJ7vpxXgl%2BtrrZpHNXKPSx2cJ6CSFs8M9C2ubdbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/4109.latest.en.0218a052e976e7974c26.js>; rel="canonical"
cf-ray
8918a83088feab6d-YYZ
4085.latest.en.9f43ba93f8b7ea7298cd.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/4085.latest.en.9f43ba93f8b7ea7298cd.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
323879
server-timing
imagery;dur=36.218, imageryFetch;dur=36.000, cfRequestDuration;dur=13.999939, ipv6
alt-svc
h3=":443"; ma=86400
content-length
17688
x-xss-protection
1; mode=block
x-request-id
2fa04429-2831-4847-beb1-e71ff7a1f839-1717690755
last-modified
Thu, 06 Jun 2024 16:19:15 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FbJqLr4JuKKBZQBvKkYuDRkJuZe%2BIn6cSl9vvjlgGVOfk3JzWV0j6O4jEzdngaTpYhYjw6RSJtvpXgyXHOT4ZgsBPnqEyWB3HMQQwLrywq0UIGgtGT%2Fkv39ar6ndTjEO6XrOY4zL4wbzIZxtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/4085.latest.en.9f43ba93f8b7ea7298cd.js>; rel="canonical"
cf-ray
8918a83139a7ab6d-YYZ
collect
www.automizely-analytics.com/analytics/ 		43 B
389 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.automizely-analytics.com/analytics/collect?v=2&gtm=amwcp1&sr=1600x1200&ul=en-CA&cid=2005672921.1718015117&dl=https%3A%2F%2Fxbloom.com%2F&dr=&dt=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&sid=2caa0307-15cc-40f1-a54e-839c5f742f7f&_psc=mt
Requested by
Host: sdks.automizely-analytics.com
URL: https://sdks.automizely-analytics.com/analytics/v1/dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.97.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
208.97.96.34.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

ratelimit-reset
1
date
Mon, 10 Jun 2024 10:25:22 GMT
via
kong/2.8.3, 1.1 google
x-kong-proxy-latency
0
vary
Origin
content-type
image/gif
access-control-allow-origin
https://xbloom.com
x-kong-upstream-latency
23
access-control-allow-credentials
true
ratelimit-limit
6000
ratelimit-remaining
5600
content-length
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:00:00 GMT
app.latest.en.82a35c77ad162921ceb6.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
243 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.82a35c77ad162921ceb6.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
217552
server-timing
imagery;dur=23.845, imageryFetch;dur=23.562, cfRequestDuration;dur=10.999918, ipv6
alt-svc
h3=":443"; ma=86400
content-length
247875
x-xss-protection
1; mode=block
x-request-id
105ce641-7df3-4fa1-9ed4-10139c26dee1-1717796939
last-modified
Fri, 07 Jun 2024 21:48:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cHUBEq67gCHILbDMirJgt6Gi9isZcMfMINLAMyUsTPcNzg3%2B1WBlN01WQFTDn0iWTm2eIZJXJWA%2Biq7YoIOnjijtuTTTzHkBJSlQ58H7lTni5h6FAZ3hTeySsrPYgHLtg7khtvyPsEHJzhToQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.82a35c77ad162921ceb6.js>; rel="canonical"
cf-ray
8918a831fa08ab6d-YYZ
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015122354
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
460545e8da83d55f1cdfd9b59590b203963d00eeb6783192a980fbd7ca160da1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=21, db;dur=6, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="8d72", requestID;desc="a1b841b2-30be-4476-845b-1eebfb76bec1-1718015122", cfRequestDuration;dur=57.999849
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
a1b841b2-30be-4476-845b-1eebfb76bec1-1718015122
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iG7Zl2xvsVtUTYIHxzz8r02vjf0ImniS95JfWua3OJVwD4EboFeZKARcFi2onunHySIicI5LtyufyNtk451vBfYTHfhuKMv65bUjdv4sNt4ul0NeIZC6s4O%2F%2FSQ%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a832ea7d6378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
track.php
lantern.roeye.com/ 		0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lantern.roeye.com/track.php?fingerprint=e8646d64-3657-4345-ba0d-f68b73dae729&referrer=&landingpage=https%3A%2F%2Fxbloom.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&site=81871
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.27.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-27-40.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
server
nginx
content-length
0
content-type
image/gif
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015122504
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
9f18df13f78f25f684e7fe77b797ac1da749ee8529e84dc912ad201bde27704c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=21, db;dur=6, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="5xhs", requestID;desc="ed04c078-5c4d-41ae-a111-076c54c95963-1718015122", cfRequestDuration;dur=54.999828
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
ed04c078-5c4d-41ae-a111-076c54c95963-1718015122
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBd71y%2BiWwNbERUXMTdwajVViEKjtGpBZvf6DrPDPltbJSpqhLjaSw9j9hKdd%2FvV49%2BsPB3MSgcNTbMtcvE6R4WSVfEwiRgfnan7MK8zXNCY%2BybG%2B28%2B4%2BzZ9Vw%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a833dae96378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
9719.latest.en.a3e0bf864cb5194fbfc5.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/9719.latest.en.a3e0bf864cb5194fbfc5.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
313888
server-timing
imagery;dur=20.631, imageryFetch;dur=20.330, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
content-length
27328
x-xss-protection
1; mode=block
x-request-id
53aec47b-47b9-4c58-afd3-28b6a0822f48-1717700080
last-modified
Thu, 06 Jun 2024 18:54:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RAQF0IMFlsNUP0rMI%2FNg7gVnOmQozsaQZ3%2FDAJ5jWkOf5mWTfA9t8D1zFBp%2BNAusVpyz6dk9doAgiv0Nb186X6WTvsv3TWcjha8Ac7irQG6Xv40NuwUEKQuYZreI%2FW2hoL%2FygmXZyBDlhFUqgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/9719.latest.en.a3e0bf864cb5194fbfc5.js>; rel="canonical"
cf-ray
8918a8341b18ab6d-YYZ
css
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 10 Jun 2024 10:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 10:18:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jun 2024 10:25:22 GMT
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015122591
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
ace49121c4de47196c68cb07825c7f5bdc27bdb42789e18155ea37033d95bcde
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=19, db;dur=4, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="s8fz", requestID;desc="d8ddf6fb-4ffa-4b1c-8041-9b43d129f6e4-1718015122", cfRequestDuration;dur=48.000097
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
d8ddf6fb-4ffa-4b1c-8041-9b43d129f6e4-1718015122
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wU5GdzQGvAxhXoPDdmG6BFHq3U5M7nKu1NgOTMsrrfIKpnJU6uv%2B8WpnReNCSUqnQaURNBRxzZAWis9T5o35%2F7NWPdJS8Ipvhps8HvNGzel8OgE6bg0WN4lRnck%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a8346b1d6378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
session_start
api-stage.route.com/v1/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-stage.route.com/v1/analytics/session_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.184.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-184-210.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Mon, 10 Jun 2024 10:25:23 GMT
host
merchant-api-stage.route.com
server
Caddy
vary
Access-Control-Request-Headers
x-powered-by
Express
faro-web-sdk.iife.js
unpkg.com/@grafana/faro-web-sdk@1.1.4/dist/bundle/ 		49 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@grafana/faro-web-sdk@1.1.4/dist/bundle/faro-web-sdk.iife.js
Requested by
Host: protection-widget.route.com
URL: https://protection-widget.route.com/protect.core.js?shop=xbloom.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8a771e2f9afa61d8afcd203be89de60463573d1244d4f31284339a6fc3f655
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3546271
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HWQ4X4CSWHDSS28BD6ESHFRA-yyz
server
cloudflare
etag
"c30a-eOiIy4iyf1PFF/1id5IkqaM8WJo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8918a8385d3136fc-YYZ
session_start
api-stage.route.com/v1/analytics/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-stage.route.com/v1/analytics/session_start
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.184.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-184-210.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://xbloom.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 10 Jun 2024 10:25:23 GMT
server
Caddy
x-powered-by
Express
content-length
0
content-type
application/json; charset=utf-8
function
protect-quote-q.route.com/v2/quotes/ 		24 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://protect-quote-q.route.com/v2/quotes/function?merchant_id=merch_tSD2uKDtQRQSyJYbwv2w&currency=USD&namespace=__Route
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f5:f000:9:de83:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
9287435b863d30bcb40af1c5aa2feedee9e09186e4f2515bb13718a03946d9f7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:24:14 GMT
content-encoding
br
via
1.1 b3169f8fae0104e39a0a9728b6537e08.cloudfront.net (CloudFront)
server
Caddy
host
coverage-service.route.com
x-amz-cf-pop
IAD55-P4
age
69
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
content-length
6688
x-amz-cf-id
JzaiRw9VO8VPimHX-82wJe-QtI_HacIJvoT7Rx1bCuoCvC0pDquGYQ==
x-request-id
3436353a-3d5d-4150-88a1-de42aee93fdd
Information.latest.en.d8c49edfc97c5534817f.js
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/Information.latest.en.d8c49edfc97c5534817f.js
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
385181
server-timing
imagery;dur=20.672, imageryFetch;dur=20.384, cfRequestDuration;dur=10.999918, ipv6
alt-svc
h3=":443"; ma=86400
content-length
6183
x-xss-protection
1; mode=block
x-request-id
0bbeb471-c4fe-4650-8992-20fe1e3a1e62-1717628645
last-modified
Wed, 05 Jun 2024 23:04:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBk0DsyFYuPUPa6FZ5j2WY0jcfrAFmJiabKD5A5X5s6Pvx2wOCSDk6OzSkNE%2Bl1S%2BE69gXsc%2FBKe60ykDVVzYMUKGg6cvwheJxS31w8MEjwWVeaV%2BNbtL9a2lIERwQdLk2qcWZSYu0sSIMzDCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/Information.latest.en.d8c49edfc97c5534817f.js>; rel="canonical"
cf-ray
8918a839beddab6d-YYZ
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015122732
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
201767160d09c24202aa5de2d6b9eb330cbfa39fbe04a8a49fd41a5a332761d9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:22 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=16;desc="gc:1", db;dur=3, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="vcjb", requestID;desc="4f633449-4764-473a-84a3-2d96c30f81d7-1718015122", cfRequestDuration;dur=49.000025
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
4f633449-4764-473a-84a3-2d96c30f81d7-1718015122
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cbQvBdDbf8KTTF52mTdIDfY9l9WwCAuC9BOm3RKKI79f32Z3bRbFFtp%2F1J3QyalhmgtqRFHce08NoLCUvvZ44unkHpwYrB968IEUNmrp2yLhiFS1W1PsQHDpHOM%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a8354b746378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015123096
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
63f0056630bad2f0da54f09daada8ce4c8ab4dccfb7b9847ee96c9c3cf6aeadd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=14, db;dur=3, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="v4tl", requestID;desc="ab223d1e-9abf-48cc-9988-695c67487a53-1718015123", cfRequestDuration;dur=49.000025
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
ab223d1e-9abf-48cc-9988-695c67487a53-1718015123
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKXYKIFQFXKYOBOV2PXHwz07bCbScQGd3hYsjaWWPhBcDFnVNVCj6%2FHTenwHP0W13XDE6%2BBYjCMoce%2FV3hPfcv6RXrOdbcW%2BOPRlVP4H9UKWaUZOT0Um8B%2B51IM%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a8378c6d6378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015123238
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
3c8e61824299c44bbcbbe767af4935ec2b7448a2a2c8e3f086b1ecd21f1f11f4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=19, db;dur=4, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="bdwl", requestID;desc="aa97848a-f007-4f60-aaa2-48d1b6bb919b-1718015123", cfRequestDuration;dur=54.999828
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
aa97848a-f007-4f60-aaa2-48d1b6bb919b-1718015123
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zvqz%2BCe6peKSMnkEG6AMll6K%2FulTHys%2BJemR2MZdbNGZAe%2F8mXPQSEttAPFwKNHWJL5IkwncT%2BP9RWu%2FB3PCxCqjQgro2E%2FKop%2FnkCpfvVgC%2FYNrVOCi%2FUJj3Fg%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a8387cce6378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
assets
api.route.com/v1/protect/merchants/merch_tSD2uKDtQRQSyJYbwv2w/ 		698 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.route.com/v1/protect/merchants/merch_tSD2uKDtQRQSyJYbwv2w/assets
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.88.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-88-173.compute-1.amazonaws.com
Software
Caddy /
Resource Hash
1ccc1644931a4d3f85ad521f9300e29f3fe14f2f78aa0b90aae57b3aa54ed3ea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
0ms
date
Mon, 10 Jun 2024 10:25:23 GMT
server
Caddy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
698
merch_tSD2uKDtQRQSyJYbwv2w.json
ddbmicszvqxcg.cloudfront.net/ 		768 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ddbmicszvqxcg.cloudfront.net/merch_tSD2uKDtQRQSyJYbwv2w.json
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:4a00:1f:4f35:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe075881fdea4b0fc3d84abb431dd96efde19005316f2de6e047fbeb8190dd71

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:34:00 GMT
x-amz-version-id
wJiULX3sU_4va_VXYb0bF2A6Iow6W_uy
via
1.1 765ade8c6b70e0e7c0b0572f4e039b98.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
39084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
768
last-modified
Thu, 29 Feb 2024 10:13:34 GMT
server
AmazonS3
etag
"dde8cce4d1b6e846502a521298133a1a"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
tPuyREDOVYCduoXp8EGdDBF9K-dbfVm7Cl4v8verDhsYRrIX6UASBg==
143.latest.en.2bca5c0a646fa4b3c156.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/143.latest.en.2bca5c0a646fa4b3c156.css
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
225578
server-timing
imagery;dur=20.718, imageryFetch;dur=20.561, cfRequestDuration;dur=14.999866, ipv6
alt-svc
h3=":443"; ma=86400
content-length
23657
x-xss-protection
1; mode=block
x-request-id
874275e0-ecce-4547-b603-c4406d2a3072-1717786929
last-modified
Fri, 07 Jun 2024 19:02:09 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkmG9PbCWM3uEeM4pDtkmgpG181yvvBuIfER3NuZp%2FvCWvsP45p6%2BMQPjgZggENgeBhi2ELMKuavLavYqCEqSp2o8%2Bc98AcYFIA9tBlevZ6ib1ebTc03pzzDFLtaICsfp%2B7AnA5rN6nT9kJQ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/143.latest.en.2bca5c0a646fa4b3c156.css>; rel="canonical"
cf-ray
8918a83a6f32ab6d-YYZ
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015123597
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
245aef102197fe25f605033d14a5be8266d6a3eabe34e61c4b401aca07f81db3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=17, db;dur=5, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="79lx", requestID;desc="13c1fef5-c61b-44ce-abd9-dc9b7e1818a4-1718015123", cfRequestDuration;dur=55.000067
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
13c1fef5-c61b-44ce-abd9-dc9b7e1818a4-1718015123
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fpe5qNfvGZquwxaadp8T3cI%2FTyyLETDZiGlDyb96BXYx%2Fd6YqpOK21BUEUXPBI%2F0QeFtzMY8mLUTjsju2Ta7PImTkhxnoiXK7YZHfwJg8BlZjW%2FL%2FW9brTciExs%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a83abde16378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
collect
wobs.route.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wobs.route.com/collect
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.164.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-164-148.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type, X-Api-Key
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Mon, 10 Jun 2024 10:25:24 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
collect
wobs.route.com/ 		2 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wobs.route.com/collect
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.164.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-164-148.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://xbloom.com/
x-api-key
1hRSA5jd2eF8r4Ko
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Jun 2024 10:25:24 GMT
Connection
keep-alive
Content-Length
2
Vary
Origin
Content-Type
text/plain; charset=utf-8
app.latest.en.71184ade77e999e513cd.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.71184ade77e999e513cd.css
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
909767
server-timing
imagery;dur=68.444, imageryFetch;dur=25.192, cfRequestDuration;dur=11.999846, ipv6
alt-svc
h3=":443"; ma=86400
content-length
3804
x-xss-protection
1; mode=block
x-request-id
960fb024-0541-4b65-9e53-eaa6d5fdea23-1717103181
last-modified
Thu, 30 May 2024 21:06:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fnytd12rxP%2B6DVSMhSpFyUvEyrmIKOTQjuGXXb%2FLLlriQTmignMJKXuI31DaTJS9ygJ%2FX237W7M0mtoiTb3hRR%2BHW53JDXn1zgHqQgFudPMmEb%2FD%2Bpnc%2B8ejESD75NYFK3gmbgxsYkFZTe%2Bzdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/app.latest.en.71184ade77e999e513cd.css>; rel="canonical"
cf-ray
8918a83c986bab6d-YYZ
cart.js
xbloom.com/ 		283 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xbloom.com/cart.js?timestamp=1718015123751
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.32 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
a53bb14ed15bd7b1689d9c87007a4fc4cbe68ab5c11e645eb407b7ab215eb761
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:23 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding
gzip
strict-transport-security
max-age=7889238
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server-timing
processing;dur=20;desc="gc:3", db;dur=4, asn;desc="577", edge;desc="ORD", country;desc="CA", servedBy;desc="s8fz", requestID;desc="541af568-3075-4484-b6fd-16101622d569-1718015123", cfRequestDuration;dur=50.999880
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
61157048544
x-request-id
541af568-3075-4484-b6fd-16101622d569-1718015123
x-shardid
223
x-storefront-renderer-rendered
1
server
cloudflare
x-shopid
61157048544
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
content-language
en
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMd503zsLlztL32gNWDjMLMhoc2ORMEZQXKyKm6OvMtRHV3SXbf78x%2BOl8imwn3oqS9ZKiBDxeRgZ9c5TVMsHNxuMlovoCl2SwA8cWgZZbjZLcvPeec5ia0ErVs%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cf-ray
8918a83bae3f6378-ORD
x-cartjs-cache
1
x-sorting-hat-podid
223
x-cartjs-updatedat
0
9119.latest.en.5736c38f6b531acff9cc.css
cdn.shopify.com/shopifycloud/checkout-web/assets/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/checkout-web/assets/9119.latest.en.5736c38f6b531acff9cc.css
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:24 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
1119568
server-timing
imagery;dur=57.030, imageryFetch;dur=25.498, cfRequestDuration;dur=13.000011, ipv6
alt-svc
h3=":443"; ma=86400
content-length
2434
x-xss-protection
1; mode=block
x-request-id
31dfc4e9-b7bd-442d-9c1b-9c8b81426362-1716888997
last-modified
Tue, 28 May 2024 09:36:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jH2NetsZ3C%2BYFv9Fh%2Bvs9E0v77WWkkbeTNyRyw%2FlBH7wkLKs2FnYFbXnKqrIFtGKBSBO%2Fq0srU810l%2BXQmQdWeDRzYoHRZe9Xe4VkJBronBzRBZNFAH4Rtpqew9hNW9w%2BD5MGZHEMmEpHurBmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/checkout-web/assets/9119.latest.en.5736c38f6b531acff9cc.css>; rel="canonical"
cf-ray
8918a83d48c7ab6d-YYZ
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TC0C5S6R68&gtm=45je4650v873467025z89186111886za200zb9186111886&_p=1718015115726&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=2005672921.1718015117&ecid=899068224&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1718015116&sct=1&seg=1&dl=https%3A%2F%2Fxbloom.com%2F&dt=xBloom%20-%20Your%20Home%20Coffee%2C%20Professionally%20Made&en=page_load_time&epn.loading_time_sec=4.21&_et=2064&tfd=9246
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TC0C5S6R68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 10:25:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xbloom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
protect.widget.js
d3od5si8vgcekb.cloudfront.net/ 		522 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3od5si8vgcekb.cloudfront.net/protect.widget.js
Requested by
Host: protection-widget.route.com
URL: https://protection-widget.route.com/protect.core.js?shop=xbloom.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:5800:1b:a570:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cdc80bacdcc5a62e78e39b28c79194d5133829a06970fb944567dba38984d71

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
EQOnQ7uxJ2kL2hZHvQ4wXqbaJ8M5E3mY
content-encoding
gzip
via
1.1 ac28147bf6a75debb0811f62b6224e6e.cloudfront.net (CloudFront)
date
Sun, 09 Jun 2024 21:08:26 GMT
last-modified
Wed, 08 May 2024 00:40:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3
age
47819
x-amz-server-side-encryption
AES256
etag
W/"7288239d366f50a3a5f6683f717046be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
zlWBhsN-fwpSWA6MacyYvUjBZBzmus2x6GHQIqZZ3_Lhma5eb2cjdw==
xbloom_logo_2988e005-3aa0-4291-9b12-7b1d23307bbe_x320.png
cdn.shopify.com/s/files/1/0611/5704/8544/files/ 		0
45 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0611/5704/8544/files/xbloom_logo_2988e005-3aa0-4291-9b12-7b1d23307bbe_x320.png?v=1684639959
Requested by
Host: xbloom.com
URL: https://xbloom.com/checkouts/internal/preloads.js?locale=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:24 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
2389373
source-type
image/png
server-timing
imagery;dur=161.086, imageryFetch;dur=41.738, imageryProcess;dur=118.412;desc="image", cfRequestDuration;dur=15.000105, ipv6
source-length
22008
content-length
44780
x-xss-protection
1; mode=block
x-request-id
2355b8b9-25e1-42b1-8cb9-4a8a1e20d7ae-1715624396
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 13 May 2024 18:19:56 GMT
server
cloudflare
x-shopid
61157048544
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z1f5Rg%2Fi5TpuBYQcDG%2BFkZL0vUOCx%2BW0N6PAtHDU2bE6kxxDp2kVhSWpy5IdNSF0jsNtl0AAlEaV95S5Yk96%2FQl6ds7Qr82NwJ%2FEUUFN%2BmGt%2FTp7%2BTwAs669gf34CVRMu2z0TxIcBQQswcrkmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0611/5704/8544/files/xbloom_logo_2988e005-3aa0-4291-9b12-7b1d23307bbe_x320.png>; rel="canonical"
cf-ray
8918a83e0925ab6d-YYZ
css2
fonts.googleapis.com/ 		5 KB
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6eedb5cb03cd314447579708e86b712ff39e75c695438c9f3e7c36f56753e04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 10 Jun 2024 10:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 10:19:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jun 2024 10:25:24 GMT
collect
wobs.route.com/ 		2 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wobs.route.com/collect
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.164.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-164-148.compute-1.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://xbloom.com/
x-api-key
1hRSA5jd2eF8r4Ko
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Jun 2024 10:25:24 GMT
Connection
keep-alive
Content-Length
2
Vary
Origin
Content-Type
text/plain; charset=utf-8
vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
static.klaviyo.com/onsite/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~reviews~atlas~ClientStore.dd9d02dd9fc376e8dd48.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.df7cd64caef40ba309ae.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hw7SViCzd9aX5jIszRS6I1sx4jGvmnSZ
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:25 GMT
x-amz-request-id
5KXVKG481Q5746A0
age
215135
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8356
x-amz-id-2
vO5nw9PfIJv0PXqifSwnOls0aGmgAubVn6vfhof8wfDXPBbnFOjsI+/komcD4CqdYKLxYxdfqpg=
x-served-by
cache-lga21937-LGA, cache-yyz4538-YYZ
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"2f5438508c293a1ad8e8f5b6a6cbd520"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
54, 32664
ClientStore.5d666c44918436434500.js
static.klaviyo.com/onsite/js/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/ClientStore.5d666c44918436434500.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.df7cd64caef40ba309ae.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bf7c234a8f3ac641147e6a23d743e4fa37f5a4bc315532b8d3eb36596120351

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
e6n8tHfB6.4Fowupanyf7uQVsAoZBe8S
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:25 GMT
x-amz-request-id
C77TQQ0EYXW995AY
age
215135
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
18150
x-amz-id-2
66fDptCqo4IpVsz80/kvQOE71zJp13vDXi/JQXghdErAJtqhfC0AhH5RHoFqJA+/N71ne98qbvp9/sRMzD/rFA==
x-served-by
cache-lga21934-LGA, cache-yyz4538-YYZ
last-modified
Wed, 05 Jun 2024 14:05:13 GMT
server
AmazonS3
etag
"f46153adeffff5adc600f37866c246ab"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
168341c2d5038a8f6f66d43bec7fe8821684f816
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
54, 35391
track-analytics
a.klaviyo.com/onsite/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=YcBdjn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8918a8491e9ea1de-YYZ
content-encoding
gzip
content-language
en-us
content-security-policy
object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; report-uri /csp/
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 10:25:25 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
track-analytics
a.klaviyo.com/onsite/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=YcBdjn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
allow
POST, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8918a8491e9ca1de-YYZ
content-encoding
gzip
content-language
en-us
content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 10:25:25 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie, Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
532.0cd7f6df3173019ad38a.css
static.klaviyo.com/onsite/js/ 		74 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/532.0cd7f6df3173019ad38a.css
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.df7cd64caef40ba309ae.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c46fac52c0255956e72289f1c72b3c6cd18a980b949e005a1e026a1a7a07e2ee

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
D.AdnhQpfX_ZBWV2vzWf72k7vDHRfmNX
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:25 GMT
x-amz-request-id
79R841GFHBXRS8NV
age
215134
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8186
x-amz-id-2
SiuTAFdcnJblw/LTsVw/8qgb4wilUfN5KqfLdcdKExjiXjLh+FefUWASjkSpTrlMmSirhkIc8b4=
x-served-by
cache-lga21966-LGA, cache-yyz4538-YYZ
last-modified
Fri, 07 Jun 2024 00:20:10 GMT
server
AmazonS3
etag
"ee0c1f48c291d1b987a25b5f25d77af1"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
e2c748ebf0e47876a28d3425b967c030fd081d37
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
19, 35926
styles.ccf9eb43fb94f6b4efde.js
static.klaviyo.com/onsite/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/styles.ccf9eb43fb94f6b4efde.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.df7cd64caef40ba309ae.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
u4YOvN.DBhziRupMNLHlSlohoVjRmp1y
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:25 GMT
x-amz-request-id
EEGXP0XW5HRRBVY3
age
215134
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4092
x-amz-id-2
uuuLX3jxbT5jsxJejSDwGq8C5/2Zi1Magv6m4goQvJr8BDlHFmYqf92WbJAQXkSF5HoqBJ41b6Y=
x-served-by
cache-lga21931-LGA, cache-yyz4538-YYZ
last-modified
Wed, 03 Apr 2024 02:24:08 GMT
server
AmazonS3
etag
"c6c30853a63ebd4a4189fa8dcd359f29"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a2a09d2f114724cda111ccd8470493362b1982e3
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
0, 33585
vendors~Render.73a25566a8d0e857f80f.js
static.klaviyo.com/onsite/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~Render.73a25566a8d0e857f80f.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.df7cd64caef40ba309ae.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc7addbd19fe5d5f444e00d2e27641962190abd5cb5d358e020010c3ddce3b90

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BGmyNp5O2DoUJvoiviChcHi96o8sxZkM
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:25 GMT
x-amz-request-id
VQFJF7YBT1A231FC
age
215134
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
3874
x-amz-id-2
I/cDVoSR0oVBZfpCdNYHgxf/iblYFILWYX6fNeWXBxs1VAgwbSUIFwT/FBCV7x3O4lEDQbALHsw=
x-served-by
cache-lga21977-LGA, cache-yyz4538-YYZ
last-modified
Wed, 22 May 2024 18:52:04 GMT
server
AmazonS3
etag
"2c8e39a88c04abd31899f30154ba9374"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
f0d00264916f82b3f67af2b22deeea1c6e9bda2d
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
41, 33450
Render.b081b2ce5fe9bd734c18.js
static.klaviyo.com/onsite/js/ 		121 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/Render.b081b2ce5fe9bd734c18.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/runtime.df7cd64caef40ba309ae.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d4f5fd0d9929f8245acad51af0003b8b18d5135ba9a06d4d070cc1a5a8d87eb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yfeC23UV6nmNH6a95QsV5T3SM.mUkAj8
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 10 Jun 2024 10:25:25 GMT
x-amz-request-id
2R8BYKD9FAWEQYH3
age
215135
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
31198
x-amz-id-2
f/0qSU7RCOaFJuaBQbW1V05fwH99d9BK8VmfxFNagJb1H/67+fUw5hhXXdp0zgV7nQxjrXQpirY=
x-served-by
cache-lga21945-LGA, cache-yyz4538-YYZ
last-modified
Fri, 07 Jun 2024 15:37:52 GMT
server
AmazonS3
etag
"0681df5b91cc36142bd0dc6fce9c456b"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
38eb0d731a8f46438c90c8a370f0cc2b6182546a
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
32, 35379
track-analytics
a.klaviyo.com/onsite/ 		50 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=YcBdjn
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
Referer
https://xbloom.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; base-uri 'none'; report-uri /csp/
content-length
50
server
cloudflare
allow
POST, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
application/json
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
8918a84a3f21a1de-YYZ
access-control-allow-headers
x-robots-tag
noindex, nofollow
track-analytics
a.klaviyo.com/onsite/ 		50 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.klaviyo.com/onsite/track-analytics?company_id=YcBdjn
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:df0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
accept
application/json
Referer
https://xbloom.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; report-uri /csp/
content-length
50
server
cloudflare
allow
POST, OPTIONS
vary
Accept-Language, Cookie, Accept-Encoding
content-language
en-us
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
application/json
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
8918a84a3f20a1de-YYZ
access-control-allow-headers
x-robots-tag
noindex, nofollow
1eb78c19-036a-4be7-a90e-df2ab8416ccd.jpeg
d3k81ch9hvuctc.cloudfront.net/company/YcBdjn/images/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k81ch9hvuctc.cloudfront.net/company/YcBdjn/images/1eb78c19-036a-4be7-a90e-df2ab8416ccd.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-29.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d6e7a9f535591efc699ec0bfcfabda9437ccfc6d7d6f5000fe707b9c8fb637a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://xbloom.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 18 May 2024 06:10:54 GMT
x-amz-version-id
yRg89sRKrJfwQEyXdqFq.VtYtRNFtgop
Via
1.1 69baaa5439c683e230d9fcac1c2ffce0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P1
Age
2002473
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
195808
Last-Modified
Fri, 10 May 2024 08:56:51 GMT
Server
AmazonS3
ETag
"0df758c42f417fc421cb8851f509956a"
Content-Type
image/jpeg
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
X-Amz-Cf-Id
LC_vvJwIsDLmoqXCVeC2HRV2c9dmEqH1zRt3sIjfk5hHLO9imA6Lnw==
l
use.typekit.net/af/e6e282/00000000000000007735fcfa/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e6e282/00000000000000007735fcfa/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/dts2hii.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3705 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d7aa033b9a91ccbb1605037a7877390d693aa44b0f3c0dc22ed661c7fe6e5d3a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://use.typekit.net/dts2hii.css
Origin
https://xbloom.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 10:25:26 GMT
server
nginx
etag
"e7331119f40e6b99b68dd7ced0701f836f2021e1"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25156
bulkevents
api.route.com/v1/analytics/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.route.com/v1/analytics/bulkevents
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.88.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-88-173.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://xbloom.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 10 Jun 2024 10:25:26 GMT
server
Caddy
x-powered-by
Express
content-length
0
content-type
application/json; charset=utf-8
bulkevents
api.route.com/v1/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.route.com/v1/analytics/bulkevents
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.88.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-88-173.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xbloom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Mon, 10 Jun 2024 10:25:26 GMT
server
Caddy
vary
Access-Control-Request-Headers
x-powered-by
Express
bulkevents
api.route.com/v1/analytics/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.route.com/v1/analytics/bulkevents
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.88.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-88-173.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://xbloom.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 10 Jun 2024 10:25:26 GMT
server
Caddy
x-powered-by
Express
content-length
0
content-type
application/json; charset=utf-8
bulkevents
api.route.com/v1/analytics/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.route.com/v1/analytics/bulkevents
Requested by
Host: xbloom.com
URL: https://xbloom.com/cdn/shopifycloud/shopify/assets/shop_events_listener-61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.88.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-88-173.compute-1.amazonaws.com
Software
Caddy / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://xbloom.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 10 Jun 2024 10:25:28 GMT
server
Caddy
x-powered-by
Express
content-length
0
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.shopify.com
URL
https://cdn.shopify.com/extensions/7a4d4d54-a983-4845-89b6-6cf7d46d6d61/bixgrow-affiliate-marketing-23/assets/image-gallery.css

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer object| Shopify object| ShopifyPay object| __st boolean| ShopifyPaypalV4VisibilityTracking object| webpackChunkxbloom3_0 object| Alpine object| XBLOOM3 function| navTo function| offset object| scrollHandlers function| rdt object| _klOnsite object| klaviyo boolean| klaviyoReviewsProductDesignMode object| meta string| attr object| ShopifyAnalytics object| gaDevIds object| trekkie object| BOOMR object| _learnq string| __klKey function| redditNormalizeEmail string| shopUrl object| routes object| cartStrings object| variantStrings object| accessibilityStrings function| gtag object| fbp object| fbc object| fbp_val object| fbc_val function| fbq function| _fbq object| script function| hj object| _hjSettings function| subscribe function| publish function| getFocusableElements function| trapFocus function| focusVisiblePolyfill function| pauseAllMedia function| removeTrapFocus function| onKeyUpEscape function| debounce function| fetchConfig function| sortBySoldOut object| google_tag_manager object| google_tag_data object| __core-js_shared__ object| core object| regeneratorRuntime string| bixgrowUrl function| bgGetParameterByName function| getStoreToolBars function| bgGetCookie function| bgGetHasCode function| replacesTagsToolBar string| bixgrowReferralUrl string| bixgrowTrackingUrl function| createFriendRewardPopup function| autoAppliedCoupon function| bgGetDataReferral function| createWidget function| validateEmail function| bgSetCookie function| bgIsShowWidget function| detectDateFormat boolean| bgIsEmbedWidgetLoaded string| href boolean| DISABLE_TRACK function| ga string| GoogleAnalyticsObject string| TiktokAnalyticsObject object| ttq object| webPixelsManager object| wpJsonpOkeReviews object| okeWidgetApi object| _visit function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO object| webpackChunk_klaviyo_onsite_modules object| zEWebpackACJsonp function| zE function| zEmbed object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| SIGNAL_TYPE object| gaplugins object| gaData object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks boolean| zEACLoaded number| BOOMR_onload number| visuallyReady string| bixgrowTrackUrl object| gbRefParam number| bgGroup function| bgSetCookieByUnixTime function| bguuid function| bgUpdateCart function| bgPostEvent number| bgSetInterval function| bixgrowAutomaticCouponCustomer function| waitForElementToExist boolean| oxi_initialized boolean| resized function| response object| webpackJsonpAutomizelyMarketing object| $mcSite object| Rise function| $rise object| RiseSdk object| RiseStoreFront object| automizelyConversions boolean| routeInterceptedXHR boolean| routeInterceptedFetch boolean| routeInterceptedRecalculate boolean| routeSkipInterceptation boolean| routeWidgetInitialized boolean| routeIdSentToCartAttributes boolean| routeInterceptedCheckoutHooks number| routeRef object| AWIN function| loadSmileScript boolean| __REACT_INTL_BYPASS_GLOBAL_CONTEXT__ object| __smile_ui_init_data__ object| _lkda function| confettiKit function| ClipboardJS object| amStorefrontKit object| webpackChunksmile_ui object| Grin object| Sha256 object| Utf8 function| AwinCustomEvent undefined| $ undefined| jQuery function| Cookies object| Route object| lanternTracker object| lantern object| __Route object| GrafanaFaroWebSdk function| __CE_installPolyfill

40 Cookies

Domain/Path Name / Value
xbloom.com/ Name: keep_alive
Value: 5b4cafe2-7ac5-43b2-8c46-4b51f35677a3
xbloom.com/ Name: secure_customer_sig
Value:
xbloom.com/ Name: localization
Value: US
xbloom.com/ Name: cart_currency
Value: USD
.xbloom.com/ Name: _tracking_consent
Value: %7B%22con%22%3A%7B%22CMP%22%3A%7B%22a%22%3A%22%22%2C%22m%22%3A%22%22%2C%22p%22%3A%22%22%2C%22s%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%2C%22region%22%3A%22CAON%22%2C%22reg%22%3A%22%22%7D
.xbloom.com/ Name: _cmp_a
Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.xbloom.com/ Name: _shopify_y
Value: 3f62e1d4-8347-417f-9ace-178b2a6f735b
.xbloom.com/ Name: _orig_referrer
Value:
.xbloom.com/ Name: _landing_page
Value: %2F
xbloom.com/ Name: receive-cookie-deprecation
Value: 1
.xbloom.com/ Name: _rdt_uuid
Value: 1718015116500.f2845ef5-3c9d-41e6-968c-36c8e855bc8a
.xbloom.com/ Name: _rdt_em
Value: 0000000000000000000000000000000000000000000000000000000000000001
.xbloom.com/ Name: _shopify_s
Value: cb39e6b2-0dbb-47e4-9106-743cc51e0dce
.xbloom.com/ Name: _shopify_sa_t
Value: 2024-06-10T10%3A25%3A16.932Z
.xbloom.com/ Name: _shopify_sa_p
Value:
.xbloom.com/ Name: _gcl_au
Value: 1.1.1517631280.1718015117
.xbloom.com/ Name: _ga_9LV2MQ6D8W
Value: GS1.1.1718015117.1.0.1718015117.0.0.0
xbloom.com/ Name: __kla_id
Value: eyJjaWQiOiJaV1UxTnpkbVpUVXRNalU0T1MwMFlUQTFMV0U1WlRRdFpUbGtOVEUwWXpkak1UY3ciLCIkcmVmZXJyZXIiOnsidHMiOjE3MTgwMTUxMTcsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8veGJsb29tLmNvbS8ifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MTgwMTUxMTcsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8veGJsb29tLmNvbS8ifX0=
xbloom.com/ Name: shopify_pay_redirect
Value: pending
.tiktok.com/ Name: _ttp
Value: 2hgUGOAU8gQW8hWN4dgpUcK1LwN
.xbloom.com/ Name: _ga
Value: GA1.2.2005672921.1718015117
.xbloom.com/ Name: _gid
Value: GA1.2.1238203051.1718015117
.xbloom.com/ Name: _gat
Value: 1
.xbloom.com/ Name: _gat_gtag_UA_226376740_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.xbloom.com/ Name: _tt_enable_cookie
Value: 1
.xbloom.com/ Name: _ttp
Value: mDxS1y6iwtv1Hlad72I78EXANbI
.xbloom.com/ Name: _hjSessionUser_4996469
Value: eyJpZCI6IjMzYzM2NTY1LTQ3ZTQtNTIxNy1iNWMwLTA2ZjU3ODFjYWI2MiIsImNyZWF0ZWQiOjE3MTgwMTUxMTc4MTAsImV4aXN0aW5nIjpmYWxzZX0=
.xbloom.com/ Name: _hjSession_4996469
Value: eyJpZCI6IjgzNjg5YTc4LTQ5YmYtNGU5OC05NDY2LTc0ZTAzYWRmZjNmMiIsImMiOjE3MTgwMTUxMTc4MTEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.xbloom.com/ Name: _fbp
Value: fb.1.1718015118007.29958145413376368
.xbloom.com/ Name: _ga_TC0C5S6R68
Value: GS1.1.1718015116.1.1.1718015119.57.0.899068224
xbloom.com/ Name: lkda_fullwheel64159ResetCookie
Value: 2
xbloom.com/ Name: lkda_fullwheel64159PageLoaded
Value: 1
xbloom.com/ Name: _ama
Value: 2005672921.1718015117
xbloom.com/ Name: lkda_fullwheel64159ShowFlag
Value: 0
.xbloom.com/ Name: lantern
Value: e8646d64-3657-4345-ba0d-f68b73dae729
xbloom.com/ Name: _route_pa_sid
Value: 1e6d655a-c79d-487a-bb0e-eabb22668534
xbloom.com/ Name: _route_pa_session_start
Value: 1718015122654
xbloom.com/ Name: _route_grafana_faro_session_id
Value: X9L59fSr98
xbloom.com/ Name: _route_pa_application_started_on
Value: 1718015123898

11 Console Messages

Source Level URL
Text
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://xbloom.com/
Message:
The resource https://xbloom.com/cdn/shop/files/Mobile-KV-Studio.jpg?v=1715792249 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://xbloom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
intervention info URL: https://xbloom.com/
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://use.typekit.net/af/e6e282/00000000000000007735fcfa/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
ajax.googleapis.com
alb.reddit.com
analytics-ipv6.tiktokw.us
analytics.google.com
analytics.tiktok.com
api-stage.route.com
api-uploads-cdn.sweettooth.io
api.bixgrow.com
api.route.com
app.getwoohoo.com
bff-api.automizely.com
cdn.shopify.com
chimpstatic.com
connect.facebook.net
d1xlc0a8mald46.cloudfront.net
d38xvr37kwwhcm.cloudfront.net
d3hw6dc1ow8pp2.cloudfront.net
d3k81ch9hvuctc.cloudfront.net
d3od5si8vgcekb.cloudfront.net
ddbmicszvqxcg.cloudfront.net
dr4qe3ddw9y32.cloudfront.net
ekr.zdassets.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm.gropulse.com
js.smile.io
lantern.roeye.com
lantern.roeyecdn.com
p.typekit.net
pixel-config.reddit.com
platform.smile.io
protect-quote-q.route.com
protection-widget.route.com
referralprogramapp.com
script.hotjar.com
sdks.automizely-analytics.com
sdks.automizely.com
sfo2.digitaloceanspaces.com
shop.app
shopify-widget.route.com
shopify.route.com
social-login.oxiapps.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.hotjar.com
static.klaviyo.com
static.zdassets.com
stats.g.doubleclick.net
str.rise-ai.com
strn.rise-ai.com
tbdxsupport.zendesk.com
unpkg.com
use.typekit.net
wobs.route.com
www.automizely-analytics.com
www.cloudflare.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.merchant-center-analytics.goog
www.redditstatic.com
xbloom.com
cdn.shopify.com
104.16.51.111
104.18.72.113
104.197.53.66
13.249.39.93
138.68.32.225
151.101.193.140
151.101.2.133
151.101.66.133
18.160.41.29
18.160.41.49
2.23.138.46
23.212.251.18
23.227.38.32
2600:1408:c400:29::17da:da47
2600:1408:c400:5::17c7:3705
2600:1408:c400:5::17c7:3727
2600:9000:201e:2e00:1b:9025:e980:21
2600:9000:201e:5800:1b:a570:2ec0:93a1
2600:9000:2073:a00:18:94b4:d1c0:93a1
2600:9000:208f:2a00:17:6686:3380:21
2600:9000:2199:6c00:1:74a3:9240:93a1
2600:9000:24f3:8800:f:8ce2:fb80:93a1
2600:9000:24f3:c200:2:3d40:da40:93a1
2600:9000:24f4:4a00:1f:4f35:9400:93a1
2600:9000:24f5:f000:9:de83:1280:93a1
2600:9000:2501:7000:15:decf:f580:21
2600:9000:2508:5e00:11:4cd0:7f80:93a1
2600:9000:2508:e600:1f:af3f:8a40:93a1
2600:9000:26c1:600:2:9231:580:93a1
2606:4700:10::6816:2dbd
2606:4700:10::ac43:18ba
2606:4700:20::681a:97c
2606:4700:20::681a:a8b
2606:4700:3031::ac43:8e98
2606:4700:3032::ac43:d7c4
2606:4700::6810:7c60
2606:4700::6811:f8cb
2606:4700::6812:1082
2606:4700::6812:1182
2606:4700::6812:df0
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c09::61
2607:f8b0:4004:c0b::93
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::8b
2607:f8b0:4004:c1b::9b
2607:f8b0:400d:c0d::5e
2607:f8b0:400d:c0d::5f
2607:f8b0:400d:c0d::64
2607:f8b0:400d:c0e::64
2620:127:f00f:ff00::
2620:127:f00f:ff01::
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:600::396
3.162.112.58
34.195.184.210
34.241.27.40
34.96.97.208
35.174.88.173
52.85.132.5
52.85.61.47
54.198.164.148
013e1d1047b0a9d4aa048bd0a2f9a1000329fb1688e6d59a2436c68066d25a55
01d3746facd772a66b89ce9a5a3204cb3f69d896b42f28f6e44dd402399cc283
02069ea1083a50d86483f22aae2e329e0d684c7392a0b5d30ea085fcab51ce2f
04076634a045cfcdd37853823feb608eac6a47c84967228b07c9d104ff5dd722
04743498d1608e78f4d2b21571b2df7c4dabd6b188cb69d807f06a2128d6e9c0
04eaf342c366606b19b6a2d681f5f21e53c9a2858185e267ef9d26bd4490d8ff
065adff76ce7de69ae79de218d7cb18d5ba05429a60615cf2a927a6b65a8dd5a
06f5532ed7a6f3d37c0ff15c8b1bf3f96e6c7096efbe1ad5404ae7d38e2212e7
079b302f4be861e3b35ba31f78d3a978bdffdadc11d8170bf07d924a32536106
09729230be40dea5fa4e66cba0f7922aae68aabeecee1be177bb4fff8a2533a0
0d43a07a690646ca8fbb83b7c72d91cc83a4d65d6336809547ce1c788f65a9fe
0d54fab6fa16827ce3aaebaef3f6862550eefd8f8452eecc53c43596ce6323bd
0df6fbf6a2b434bdcad0cbd112f2422118205f4f1f7090c7d4f925362394c1b6
0f4195905c9e63a6f4e163e8b6af65384810d3643cf72590ed6a4220dab34a80
0f5c7e8e7939e4ddd88e5dcd5760663861aebae231b105734b775236a1dc0ad9
0ffbca040684ec1fb16292ce87de2fb0a252dd2488d318c04973e9e0c5d48b39
1035e9cc3cae8a8c0ecf11ab3bb7c3b9af4c1d27bf25fe66c9d257784dc7a725
138f9194e9ec9c7b1f13866151454c0be3e5407474ab35870ddd8274d6125cb1
164eeaadc8344225ed01bf20d7e6e15df859182ca8392cb9cd778158737f1413
170611b5222295c558d4664f3ab58354c17f15c9775f42fcb4c56940016d2a88
182aed8bfe77643efd0464370a017e39fe115bc115962dede8fea94ac9191c56
19c5a5e583a11667b86cba836ddd41bef6116104f6e5da81a50fdd255600f8ed
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1c0b396bd4d054b94abae1eb6a1bd6ba47beb35525c57a217c77a862ff06d83f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ccc1644931a4d3f85ad521f9300e29f3fe14f2f78aa0b90aae57b3aa54ed3ea
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d6e7a9f535591efc699ec0bfcfabda9437ccfc6d7d6f5000fe707b9c8fb637a
1f86f2de9dc8de005e265a7c4078261c3b69352710365137b8e33046d11d352d
201767160d09c24202aa5de2d6b9eb330cbfa39fbe04a8a49fd41a5a332761d9
245aef102197fe25f605033d14a5be8266d6a3eabe34e61c4b401aca07f81db3
24ff7faa3ed352d9d4301b20ecb2849d52a36460abffe94cfb4d0a9625fc695c
25ebd82b9a06e27163a4b596bdff19a5b21fca293d567eb630ee21420ddad7e7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28eb68c5c6a198f7545d3506adbe63bcbc0019d0cd6fdb12c5691427038835d9
2bf8d774edf8f3d54b268bf587951e8a70be95ad90807ad4b4d7d55dd2b77194
2c83a814729c6f5c82b6336c787881313e70e1bfee11903b93431ca08174aa75
2d4f5fd0d9929f8245acad51af0003b8b18d5135ba9a06d4d070cc1a5a8d87eb
2e30ac1a65427ced53cfdc5e9143b9f7a946693819d1cc5640470447236a4523
30b44b13a08318d95cca7f82b64efee555f5a7170a49ff95a27f2a74be96b20e
32a4398305bcbd8d18a2b1f1d1ff09b66b175b7583bd1e86f9890070cfd6f81c
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
35c934dbb166a49c7413207672b30c1ff65d0c8ad83ef770fdbc021f6d7af4b5
397b86e7b252eb25ddab44c44c03e7da08546c532e00c721d2650543573ec040
3abaa90cf9fee5cd6bbdec09a78ecd1dbcf3215d2e753c7705080e216e9341a4
3c8e61824299c44bbcbbe767af4935ec2b7448a2a2c8e3f086b1ecd21f1f11f4
3d0b0fb18c61e7ad43efba582ebf78bad5c5770284df6f85b05faeb60c83e527
3f0eb6a081000f839bed50e38de0690a47121ad8904a24879e2a6fd0361acd02
4021e214b32f3d1367300c674717f2547b9b04df968877bf8a95c2547791ec7d
42cd1ad0b952a537dd0ef8278f2180988d7d8797337ece6740d2773bd05e24f5
431129fbea1c10b9064a49ece94801051fcad27f555a6a4d77a403a44af2d3b1
43f76171f35860924a58be5a083d76818b7955df8e7fb7e9707bb970c0910580
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4434d3ccdc7ad62470facaadcb46dfc83591025453a257e72e1388ce8698ac25
44d0e3f9f6e2adf133f7aa380064866e62d348a6375080aed89b394b9d017820
460545e8da83d55f1cdfd9b59590b203963d00eeb6783192a980fbd7ca160da1
468e777478117be830b202b97cdf0304bee6f3d9fd4cb1ce70650ed93b7fa4a1
47887192d2645b9b0b614ec681b23cf629603f3be8d9b6c6c9dcc7cb84e6d478
48487719589a826a90903bb45a2e48f0abc2a7f16e9d29171b04770de02f392d
4a2add6131d6fd40371fb8f4f87fc2cabda977c4133f5f2330b53b8acb5456fb
4a30e2574a80f42dc38cc79ce24d0ef6f83f393e6d3d251368d224e6d0abe7d8
4a5abc9845ae1d2a12a5dfab39204a10dbea4eaee3de51606869aeffa05fb037
4bc02a3cbcf5c15c6ead23f21697926f0e9da6b1f742530cdf56860fa65c9c97
4c97002b213b4c62fc5934747965d1045624e64e70aa2149380be66e812c4c2c
4cdc80bacdcc5a62e78e39b28c79194d5133829a06970fb944567dba38984d71
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
50f8a16caaf4da74ce98dcd88c39bcce6bdd1b8dbb191c702609f7e08c0dc85c
51370e76b900a0ed29a015c3276422467b64242f7ac2b3344138d883538bf3b2
5189a2fad32f892b7adca7874e5203745a9940ccda9809ae16ed485c273c9fd8
530de4dfceee78d2942125bd48f63fc049a1486e96e6eabee8a8fbed0114d6a7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5540f3cde66a3a8ae1d5c26599e0c8a5bd94af3ff08477bab5cc0fc56621faf7
559fa0944758fccbeb357ed54c9e8ae244bae232259fe0b0d3e31f5e88c4aaeb
55ad580db72478453e3179ccab7ea9766c7705dc5a444f19e9ebbb98af1d1e9b
57582f4ee33339e7c0154b05710c95f96444b5f5a09d72b4eeed4d51524b4407
58b15181b6699b00bdd6774c1633b1356abf942bad58a9827543e0fff381d12d
5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0
5cbd64ee0f51b90524d4596555ed220802ebfcfac28db92b7ef3f056e0e09dc2
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
6061136d38fccabdb728cf0fea3f9cba79bd0b24951c37e32c681355bf841d4e
61fa9e0a912c675e178777d2b27f6cbd482f8912a6b0aa31fa3515985a8cd626
636d9ca93848cab49b92d0bc87073d8a93847c5e18730d5a9940496b177b4f81
63f0056630bad2f0da54f09daada8ce4c8ab4dccfb7b9847ee96c9c3cf6aeadd
69471787a0ef7b0148b3bf6f63dd1665afa1918842ac6076aefa902b20e3153d
696c79e4516c963c6b72f1d71f0d79c45bcfd302a1c6eab304cb77e70ffbfc9e
6b8503dbbf03f82fc125d897793b6548c42d04e86e1d821485e10e94c1153655
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf7c234a8f3ac641147e6a23d743e4fa37f5a4bc315532b8d3eb36596120351
6ea7a74fea578ebd2500d7aaa9974f563aac61f98bda6bb777aa2fa78e2f8176
6eedb5cb03cd314447579708e86b712ff39e75c695438c9f3e7c36f56753e04c
6fd24e12a9c2fd698d928052f531a1309818c0179f483a5980f4ea2bbfd57832
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
7570cd8f44031f13f92a393607bab34cedde1d42d3513dfeb8c1e9c693390f0b
75e5306935fa9ed4526275cbc0f83dce2de87359db9761595b877aaa57c869f0
7d106cfea77230388021377f41c79fa839272a82f51852ff60866e12b2aee526
7d74a152667436bc5f066fd26976e34ded30d73b68170696650244e70d042b56
7dc863a264a3ff4a5b37453fff98a7025eda7f24400151512ee56ac92a76810b
7e5d9009e86a53f67e2eb846cc835fcea43bcef8afd1db9d65bd3053239d703c
80e528be853eac23af2454534897ca9536b1d3d04aa043b042f34879a3c111c8
817dee4a2c10cbda4891696c79f42c771d231480cef7d0e9e3c2403226ce0798
82f558471f3b224f78ed5a6a5fc98e127353cf3629df93f6c86c49193cb378f0
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
83ebfd44d34d78d38bb8cb97a583b987b1fa0459205e3eb97faf6a4b846f61e1
84e02f342e9f5d815afefe832efce3c12eea6f42813ae13eebbf86387e6c81c6
85519a6184da9703d5fcc338e94d7364a45f859c469eb5139584d312ed9a13d9
8d1dcc0e8d208ab7fc9e3696acaf21eab8c467bbcf350ce736b9546d19520320
9287435b863d30bcb40af1c5aa2feedee9e09186e4f2515bb13718a03946d9f7
932bdc4c22755a8e867cc1dd8c24649a15dc6924fe8bb8bbfc58e2b8f25a99fe
95b5ee4407ed9d4857da5924ae5dbe04bbeb582142d822af9b3967388e515088
9853cac3e2ffd5f3f2fea511e2af7131b3d670d2cb30fe16a63b57dc0162df0c
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9bf248c0e3e3cd9932e23decdbe7ad9547bf4309e9c8582d89ab90d7feb7deca
9cc67ad3fcd70f89e1b07f03a696239095df927ec26dc09fc90de777733130ac
9ea65de03e2d7b9c589c199f01e42a1f95fe5cb0fa95c6efe7e003a787123345
9f18df13f78f25f684e7fe77b797ac1da749ee8529e84dc912ad201bde27704c
9f951eb7d8d53973c719de211f807d63af81c644e5b9a6ae72661ac408d472f6
a20f4b9efd327a67288e97dd3d892d8131b968f2b253b5ec5566fa78b706bf3b
a244fff3609977e244d9b136717cd1fb34067a610e22362985d9491087fcfb77
a251b2ab03e3706a686adbb9d3d722ecb0203cb6731a73fbbe70f908f9222ee8
a53bb14ed15bd7b1689d9c87007a4fc4cbe68ab5c11e645eb407b7ab215eb761
aa03b89682a1f628e945d75327d8d602161b73c35d7159a34e6b2d01af15e4ca
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac0a2ef9e987d83598c7d1852fd10f3219a7fa43a7e64159999c18767da39ae8
ace49121c4de47196c68cb07825c7f5bdc27bdb42789e18155ea37033d95bcde
ae3bf7e1679d80867eadb5f5f0489e1fa92bd0fc8dbd24be4a8493230a18fb20
aedf341d94edcb05cc388b74e808e55e442aa1b417646204ccbab4f2bdfdf904
af6752fd10e37902e640bee5e9e1eac16750cd3b31a7fff5cabf684695738465
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b013a09925e76faa79a0b7e9bd9dce571433b917f0ecf860a22dfcc849e5ea04
b143603097429a707416baa8fd4ef270bb3dcc58178033c28d80ec15b089e389
b185f58ad75e0c5a3c6061525d5e26a71cfa1212146ea78b82cd1318eead7a35
b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66
b5612f69b7e9bc926acd5b28953653996ec75e6de73fdb110f3598c28754a610
b5fa5a2dc1dca5fca8b258a511f7444658e3d4e40c1374fca6b57afd115eaf7a
b66ad8b16ee36a2089dbb06cc6a810be5a49cd1cc0c9844a233092e06d94429a
b7d4dce62015f8a1606957825ef7ddd32daf49c85930e5ac3c96e2e680d4d01b
b860e6f918fe6da358e0859961ed57ddf78b09341ac204fb9f77df8b332de9bc
b8c650d995f1ae3743ce9b34aeb5adf39bb41965170c89a99b20b8801450456f
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
bd00d5ead0a82675fcd311195ff5013ff1a1220640224df570d7b6f22bea7071
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
bd82b3dc2d9d363d8a67c3b7d8ceb2a1088e2eaba2ef5307c89fc66d39be27bd
be980487b85ec608c6fdd4b31f2db4a2526ce8ae0cf27fc4bf3cf7f9df1d9775
bebb2df8fe1c43ab33f73431842dfbc73f6476b2599f131ab697e0d62763c406
c078c647c692cb23341955fa5f6e2e2867be78f57e9d29e4b65bf004c68ac9d0
c0de416f552af64fb1eee8f6efb8e744a55605addb1862a62e122c89c49b8638
c11a1da429bf9a9c94c30937ca282f5a931f9e5e62665c28197d915b80b221b8
c46fac52c0255956e72289f1c72b3c6cd18a980b949e005a1e026a1a7a07e2ee
c63544d9fcf41f388f80453ce2b7439cd80c8c75c65f9b9f637a3217b19050d1
c80c40945cf8bd857de425a6f1d91fb8adc6a3b0324334b1f91ab818bea5deb2
c93878b91ced821261bcc78807eaf79f60b9031bc190c1b45966b801faa66b46
c9f0e296d507392834eb3abb1080684e5350c4b4533eceef95498bc7d678c233
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb8a771e2f9afa61d8afcd203be89de60463573d1244d4f31284339a6fc3f655
cbd127b528ffd3bcc578eb05182004e394549470a7884b698ea043ca839107f5
cd114c8272b27e104e1ae5e91e31452803f46856c60195efcc0196936b9f2a37
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cf09db36a73dce64a30c34ad16fbc105bb5b3785c06cd871f6fbb3b8d8de7709
cf61a77c91590c66e9df31a7957d4101fd7497ffc8d53e71895ac1e012fb9f35
d2533c8e2ab843fab73ebf949f41959aa93a9376019e8d9ec57fb79fdcfdd980
d388f4371ff8b0c732d09cdbf186ba66c087c507faf9bc85c96b817742a1314e
d438834845654960328b6052f38cdb8ed7d8a265f2254c50cb9fee8126f0a399
d63fff0cfccc84d53cc27cf47326e737029e37b5fe254740389c0dedf8ab4713
d675645bbf244995f000af8fb7cdf710659e84239882043588b912ede8acf195
d74c3eb614bc7b790b4be5e50fac445e093f5e10c21492655dedd1b833b0b101
d76a7edcc5722c4f7e9eff683e16eb6c401ab41c0b609fc453b4a41c5bfa8fea
d7aa033b9a91ccbb1605037a7877390d693aa44b0f3c0dc22ed661c7fe6e5d3a
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
d9087116ad3cbb3c89a8f0205d9a4bd3435c58d6ec75b4be00cef7ecd31ae3de
d965e0b23881c7da8bd6fdce92c9956d0e3f78aadddb3672da59ded69d1c7ebb
db882cdd533971020cea3625fbba87daf710866e067ddf3ee7bab74bf51c12aa
dc7addbd19fe5d5f444e00d2e27641962190abd5cb5d358e020010c3ddce3b90
dc7ae5b0f4e7ae5604bb2a6df5c70405386cb35d69317bcbaa1385ff33158a61
dcc1704f62309c9b57998d95eb6f333e1133f4f2e08420b9dd5bbbc17ff57fa7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e029c6f2ea0038833bbc597ea2bc0b8ec3ef481f400dd48cf0d35a1657d5b7e4
e12c953d211a24ebd41828880acc220c30b1a182c2ae5ad02d3773bdc8fc3cfe
e1fcc965ac290d6eef52131da43bf4912106cc6229645a7410d4a0b9afef8189
e27e115ca8d8e8ec223b65b473932ddd9782f51b2654946a5823701508308432
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75cd890292c90b5f1cefb77175bcc92f9ff6eb7e06ae25e958b3135262cf730
e7a6d10042ee9813379a17eb3e192481d7addc6b28e08914cd5a3711ccb32c62
eb3a3e9613686873f76fc584776d25fffb7af5ccdd4fbc0b437085efb400bc00
ebd2621fdfa31ded947c27d035aaf3de95c4ccc33d998827b85ba7bbc705068c
ec8308209e4d7e94930cfa78e349fef5234da812af3ff3d6a58786a9a87cf512
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e1512884b9b727b7e7201cfc8a281c10a6eb519626569185ef51b4325e963
f0e78dd3eab7516b9d924e8e8141788578a72df826a48fbe1c12ef9ff32fd7a7
f1a0df700b4ecb7dafc107c659ba028b9f69cfb82ee41a7dbecdcba217c5c8f6
f435d2d4ef9844bf215b1910333a5a4aa66f8be97a0f4444a5ad801550405a07
f44fbefe0d08f83961ab49d30be070ec4c1dcdbb25c95720b9b1397e23263eec
f4f3502f47ad0418770ac149809cb6999cc7d6a40f3956b16a1c86e7f3365fa9
f83de32a3933e3e5f164057cba065389856d91dfef9329eb568a47ccea26b5b7
fe075881fdea4b0fc3d84abb431dd96efde19005316f2de6e047fbeb8190dd71
fe5d29edb0718b952e1ee7b9e9a15ba86dc481532ac74acc69dc0a17f0a13842
ff207c4e85adfe8a1820a63aca88aede1f23b4681ef557cb9b51845d1583687e
ffc373859cf3c136f5f73ca20d332c1385baa951804f7ce753ae9187ebaf2d39