URL: http://www.baumannartsbox.com/
Submission: On September 26 via api from GB — Scanned from GB

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 35.205.106.164, which is located in Ascension Island and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.baumannartsbox.com.
This is the only time www.baumannartsbox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35.205.106.164 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
9 104.199.73.225 396982 (GOOGLE-CL...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.216.218.128 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.216.176.77 16509 (AMAZON-02)
19 7
Domain Requested by
9 static.subbly.me www.baumannartsbox.com
2 www.subbly.co www.baumannartsbox.com, subbly.co
2 fonts.gstatic.com fonts.googleapis.com
2 s3.amazonaws.com www.baumannartsbox.com, s3.amazonaws.com
2 www.baumannartsbox.com static.subbly.me
1 subbly.co 1 redirects
1 assets.subbly.co www.baumannartsbox.com
1 fonts.googleapis.com www.baumannartsbox.com
19 8

This site contains links to these domains.

Domain
www.subbly.co
www.facebook.com
www.instagram.com
www.youtube.com
Subject                  Issuer                   Validity                 Valid
upload.video.google.com  GTS CA 1C3               2023-09-04 - 2023-11-27  3 months
*.subbly.me              R3                       2023-09-18 - 2023-12-17  3 months
subbly.co                Cloudflare Inc ECC CA-3  2023-03-31 - 2024-03-30  a year
*.gstatic.com            GTS CA 1C3               2023-09-04 - 2023-11-27  3 months
s3.amazonaws.com         Amazon RSA 2048 M01      2023-07-10 - 2024-06-21  a year
www.baumannartsbox.com   R3                       2023-09-26 - 2023-12-25  3 months

This page contains 1 frame:

Primary Page: http://www.baumannartsbox.com/
Frame ID: ED3F7980C8C6FCCC6D969E688457E205
Requests: 19 HTTP requests in this frame

Page Title

Baumann Artsbox-Monthly Subscription - Children’s Toys Website Template

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 50 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 1405 kB
Size: 2481 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://subbly.co/assets/analytics/js/analytics.min.js HTTP 301
  • https://www.subbly.co/assets/analytics/js/analytics.min.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.baumannartsbox.com/
92 KB
16 KB
Document
General
Full URL
http://www.baumannartsbox.com/
Protocol
HTTP/1.1
Server
35.205.106.164 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.106.205.35.bc.googleusercontent.com
Software
/
Resource Hash
007c055195cf90d90f5a0a8d7afc5e847daab676c36b930a6812bab3a795c054
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Country
GB
Date
Tue, 26 Sep 2023 16:41:25 GMT
ETag
W/"1718c-L7QeyggMeyA466yglRat/D/n4O8"
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Assistant:400,600,700,800|Biryani:400,600,700,800|Poppins:400,600,700,800|Sniglet:400,600,700,800|Work+Sans
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cbe0b60558e4036188380f6f34caba6b3c701c48c120465f157d8379025bd8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Sep 2023 16:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 16:41:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Sep 2023 16:41:26 GMT
public.css
static.subbly.me/assets/css/
747 KB
93 KB
Stylesheet
General
Full URL
https://static.subbly.me/assets/css/public.css?v=1694686791
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
ded4d479ab07882fdb24d95af145c4cff660b4ee7ece1d063d3fc3e91413f107
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 14 Sep 2023 10:25:16 GMT
etag
W/"6502df8c-bab49"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
public.css
static.subbly.me/assets/partners/Subbly/
16 KB
3 KB
Stylesheet
General
Full URL
https://static.subbly.me/assets/partners/Subbly/public.css?v=1694686791
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
bc4558db56b18f640846b24f7524717b9b881ea8e2e32f4ee59957e5fec37528
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 14 Sep 2023 10:25:16 GMT
etag
W/"6502df8c-40d1"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
public-en.css
static.subbly.me/fs/subbly/userFiles/baumann-arts-llc/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://static.subbly.me/fs/subbly/userFiles/baumann-arts-llc/css/public-en.css?v=1610105916
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
41fe9eee77f575802fa36e58080c8cdda12fdccd8b23e2ce23843729d87d6ebe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 08 Jan 2021 11:38:36 GMT
etag
W/"5ff8443c-137c"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
logo.png
static.subbly.me/fs/subbly/userFiles/baumann-arts-llc/images/
302 KB
303 KB
Image
General
Full URL
https://static.subbly.me/fs/subbly/userFiles/baumann-arts-llc/images/logo.png?v=1610091565
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
8a40548452f4b5eae3c80ea1734433983d3972df19438b05cd34ec72a8457087
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 08 Jan 2021 07:39:25 GMT
etag
"5ff80c2d-4b798"
vary
User-Agent
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
309144
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
jquery-3.6.0.min.js
static.subbly.me/assets/jQuery/
87 KB
34 KB
Script
General
Full URL
https://static.subbly.me/assets/jQuery/jquery-3.6.0.min.js?v=1694686791
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 10 Jun 2022 14:18:39 GMT
etag
W/"62a352bf-15d9d"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
publicAssets.js
static.subbly.me/assets/js/
174 KB
50 KB
Script
General
Full URL
https://static.subbly.me/assets/js/publicAssets.js?v=1694686791
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
a61561b5cee725919a22e05917508e393a4a6f6ef87e9f15539a21b50d9cf1ae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 14 Sep 2023 10:19:51 GMT
etag
W/"6502de47-2b6c2"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
public.js
static.subbly.me/assets/js/
76 KB
20 KB
Script
General
Full URL
https://static.subbly.me/assets/js/public.js?v=1694686791
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
44c96ac8fadb5d284a4d128dbbdbc9c4cbd563f27ce6571aad8ac794577cdf84
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 14 Sep 2023 10:19:51 GMT
etag
W/"6502de47-12fee"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
public.js
static.subbly.me/assets/partners/Subbly/
18 KB
5 KB
Script
General
Full URL
https://static.subbly.me/assets/partners/Subbly/public.js?v=1694686791
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
7f7aa62f82fbaac7ecd3e3640f0e644b9148095fe097648cf154e9363804817f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 14 Sep 2023 10:25:16 GMT
etag
W/"6502df8c-4771"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
cart-widget.js
assets.subbly.co/cart/
2 KB
1 KB
Script
General
Full URL
https://assets.subbly.co/cart/cart-widget.js
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:45d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466b21f68176c11a0b0e2bce25f23ebb3202ca4dc808b35c8fe06321670e2b51
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Tue, 26 Sep 2023 16:41:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Sep 2023 10:20:47 GMT
server
cloudflare
etag
W/"650c18ff-783"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store,no-cache
cf-ray
80ccf4539e4348bb-LHR
subbly-sdk.min.js
s3.amazonaws.com/subbly/cdn/embed/v2/js/
5 KB
6 KB
Script
General
Full URL
http://s3.amazonaws.com/subbly/cdn/embed/v2/js/subbly-sdk.min.js
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
HTTP/1.1
Server
52.216.218.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
24c7d9710bfe9b02f4d512266ee1de61f56ee3951f6c0474a77684547890447a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Tue, 26 Sep 2023 16:41:27 GMT
x-amz-version-id
5S.8xWNsP4If6gmiE3kZzY6cjiJCa7tt
Last-Modified
Thu, 15 Apr 2021 15:06:34 GMT
Server
AmazonS3
x-amz-request-id
H7RYBRQ4284ZAHDW
ETag
"05a6398aca21e20df8dc96432cbcef76"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5559
x-amz-id-2
lNOEmnOT97Akzyl+7txFT95tsK5Jf8agdrqqlByyvJjqe5/H85oxVk9w297Nat5rJJSUpzPhiDs=
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant:400,600,700,800|Biryani:400,600,700,800|Poppins:400,600,700,800|Sniglet:400,600,700,800|Work+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.baumannartsbox.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 00:30:46 GMT
x-content-type-options
nosniff
age
490240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Sep 2024 00:30:46 GMT
cIf9MaFLtkE3UjaJ9C6hYUsEkIo.woff2
fonts.gstatic.com/s/sniglet/v17/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sniglet/v17/cIf9MaFLtkE3UjaJ9C6hYUsEkIo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant:400,600,700,800|Biryani:400,600,700,800|Poppins:400,600,700,800|Sniglet:400,600,700,800|Work+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d04bf2a0e1980eb7b569a8a2e21836d9ff8460cd4ab00ea966d7950070ae3a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.baumannartsbox.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 23 Sep 2023 07:48:47 GMT
x-content-type-options
nosniff
age
291159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:20:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 07:48:47 GMT
113-box-demo.png
static.subbly.me/fs/subbly/userFiles/baumann-arts-llc/images/
802 KB
804 KB
Image
General
Full URL
https://static.subbly.me/fs/subbly/userFiles/baumann-arts-llc/images/113-box-demo.png?v=1610091527
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.73.225 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.73.199.104.bc.googleusercontent.com
Software
/
Resource Hash
c77e21db88b3a19a28ecb407a2511b4c60d93be25e90154a1d29067ad628c10c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
public
date
Tue, 26 Sep 2023 16:41:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 08 Jan 2021 07:38:47 GMT
etag
"5ff80c07-c8801"
vary
User-Agent
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
821249
x-xss-protection
1; mode=block
expires
Wed, 25 Sep 2024 16:41:26 GMT
analytics.min.js
www.subbly.co/assets/analytics/js/
Redirect Chain
  • http://subbly.co/assets/analytics/js/analytics.min.js
  • https://www.subbly.co/assets/analytics/js/analytics.min.js
4 KB
2 KB
Script
General
Full URL
https://www.subbly.co/assets/analytics/js/analytics.min.js
Requested by
Host: www.baumannartsbox.com
URL: http://www.baumannartsbox.com/
Protocol
H2
Server
2606:4700::6812:45d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8cd6c6857c014ee90f720aadefeb47f1b44e75c7a58ca5716fa3c62334be0c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 26 Sep 2023 16:41:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2023 08:09:28 GMT
server
cloudflare
age
2509
etag
W/"65114038-1117"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
80ccf455294f48bb-LHR
expires
Tue, 26 Sep 2023 20:41:26 GMT

Redirect headers

Date
Tue, 26 Sep 2023 16:41:26 GMT
CF-Cache-Status
MISS
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
location
https://www.subbly.co/assets/analytics/js/analytics.min.js
cache-control
public, max-age=14400
X-Frame-Options
sameorigin
Connection
keep-alive
CF-RAY
80ccf453bd544142-LHR
Expires
Tue, 26 Sep 2023 20:41:26 GMT
subbly-js-styles.css
s3.amazonaws.com/subbly/cdn/embed/v2/css/
25 KB
26 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/subbly/cdn/embed/v2/css/subbly-js-styles.css
Requested by
Host: s3.amazonaws.com
URL: http://s3.amazonaws.com/subbly/cdn/embed/v2/js/subbly-sdk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.176.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
39bb45d4721cc6823eede3919f952e2f885bc8f4e1516adbcb88040550d0f951

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Tue, 26 Sep 2023 16:41:27 GMT
x-amz-version-id
KaEZgrMYeHCHCTPuTbwoV3OVX78_iIhq
Last-Modified
Thu, 15 Apr 2021 15:06:34 GMT
Server
AmazonS3
x-amz-request-id
H7RK5AM2K0TB4QG9
ETag
"546e195c7673969944ba04dff8b4c2ac"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
25880
x-amz-id-2
sDFBFwBNL+jwz5faQVUsioZEPMHeB8wVBQUeR+l42jIdxDxtgts7Hw0hANb0JlI7zXzD7vG3GZg=
getPopups
www.baumannartsbox.com/papi/default/Popup/
86 KB
14 KB
XHR
General
Full URL
https://www.baumannartsbox.com/papi/default/Popup/getPopups?data=%7B%22pageId%22%3A1%2C%22currentUrl%22%3A%22%2F%22%7D&_token=
Requested by
Host: static.subbly.me
URL: https://static.subbly.me/assets/jQuery/jquery-3.6.0.min.js?v=1694686791
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.205.106.164 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.106.205.35.bc.googleusercontent.com
Software
/
Resource Hash
ac21da8fa22671f14419653cad894b5913ab9d5b35f9509bf826994a68a4eea6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://www.baumannartsbox.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 26 Sep 2023 16:41:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-download-options
noopen
x-dns-prefetch-control
off
vary
User-Agent, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
country
GB
x-xss-protection
1; mode=block
13516
www.subbly.co/track/
35 B
1 KB
XHR
General
Full URL
https://www.subbly.co/track/13516?data=%7B%22e%22%3A%22pageview%22%2C%22t%22%3A%222023-09-26T16%3A41%3A26.815Z%22%2C%22kv%22%3A%7B%22name%22%3A%22Baumann%20Artsbox-Monthly%20Subscription%20-%20Children%E2%80%99s%20Toys%20Website%20Template%22%2C%22referrer%22%3A%22%22%2C%22id%22%3A%220b97183c-3aa3-44cf-a2d0-696752d39115%22%7D%7D
Requested by
Host: subbly.co
URL: http://subbly.co/assets/analytics/js/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:45d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c8788883b1ac154143db2bbd1af3c1a05957b550d65c0d3288c398711b7e75b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://www.baumannartsbox.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 26 Sep 2023 16:41:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ghYiyJk5IAgZ0JrTG5OJs1ieQ304A.kb6uczjcIRYE0-1695746487-0-ARivKDf4bype6-nZJHIR4swDeOVg9KUp338-mkLVQQw1Ph8TDQ9kCG_uErOtvo6b8pGv83jkkfT1AqbAZvzd2SN8njJ3vnYxhY6JeFBsVS0k_fFrg3QtUx0NppTfwxN6foO8Sx1NvqIN3SLAejkbpuo; report-to cf-csp-endpoint
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ghYiyJk5IAgZ0JrTG5OJs1ieQ304A.kb6uczjcIRYE0-1695746487-0-ARivKDf4bype6-nZJHIR4swDeOVg9KUp338-mkLVQQw1Ph8TDQ9kCG_uErOtvo6b8pGv83jkkfT1AqbAZvzd2SN8njJ3vnYxhY6JeFBsVS0k_fFrg3QtUx0NppTfwxN6foO8Sx1NvqIN3SLAejkbpuo"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/json
access-control-allow-origin
http://www.baumannartsbox.com
vary
Accept-Encoding
access-control-allow-credentials
true
x-frame-options
sameorigin
cf-ray
80ccf456ab8548bb-LHR

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| ecommerceAssetsDomain object| typographyTranslations string| currentLanguage string| currentLanguagePrefix number| renderCustomCodeOnClientDomain function| tryToRedirectToRightLanguage function| getCookieObject function| getLastLanguageFromCookies function| isCustomDomain function| getDefaultLanguagePrefix function| getAssignedLangPrefix function| setLanguageCookie string| hrefLangRelations object| cookie boolean| popupsExist string| anchorMapping object| page object| currentLanguageObject number| isTablet number| isMobile number| websiteElementsDisabled number| printElementsEnabled number| siteArchiverEnabled boolean| signOutFromAll string| croppedUrlPrefix string| userFilesUrl string| accountsUrl string| accountsIframeUrl object| currency string| helpUrl string| websiteUrl string| publicAddonsAssetsUrl object| publicUser string| staticUrl string| storageUrl boolean| hasEcommerce boolean| hasPayByReceipt string| subblyProductUrlBase object| translations object| styleSheetUrls string| _token string| editUrl string| baseUrl string| apiPrefix string| publicApiPrefix string| publicRestPrefix string| accountPopupButtons string| logoutFromAllDevices string| pageId object| siteInfo string| googleMapKey number| previewMode function| ll function| raf function| $ function| jQuery object| sp object| Subbly function| createCopyTextTooltip function| ready function| setShowLayoutParamsAllLinks function| getCoords function| fixFooter object| underHeaderModules function| fixFirstRowMarginTop object| resizeTimeOut object| calcTimeout function| calculateVideoBackgroundPosition function| convertToAlias function| showSystemMessage function| hideSystemMessage function| initUploader function| onYouTubeIframeAPIReady function| initVideos function| vimeoBackground function| youtubeBackground function| videoId function| startPoint function| setLoadingEffects function| startLoadingEffects function| setGallerySettings function| setMasonryImagesPos number| lastScrollTop 
function| hideBackgroundImage function| outerHeightDimension function| fixHeaderRows function| getAllPopups number| popupAnimationDuration function| initPopups function| hashHandler function| getItem function| setItem function| addPopupId function| correctStructure function| updateStructure function| popupTriggering function| openPopupsWithInterval function| checkOrigin function| receiveMessageForPopup function| openPopup function| closePopup function| closeOpenedPopups object| ucExternalUrl object| cookieUrlQueries undefined| returnUrl function| Api undefined| moduleController undefined| marginController object| confirmData undefined| confirmObj function| confirmPopup function| closeConfirmPopup function| capitalizeFirstLetter function| ucRequest undefined| receiveMessage undefined| userAccountFrame undefined| logout undefined| logOutFromAllDevices undefined| cancelSignOutConfPopUp undefined| signOut undefined| handleIframeLoaded undefined| handleIubendaClick undefined| changeIntercomeStyle undefined| changeLayout undefined| hash_change undefined| checkUserLogin undefined| iframe_popup_show undefined| iframe_popup_close undefined| signIn undefined| getCookie undefined| setCookie undefined| deleteCookie object| UcAnchor object| activePopupAlias boolean| removeNoScroll object| referrerPopupAliases object| api object| animateEffects function| anime function| toggleModuleAccordion object| countdown function| onUcraftFormSubmitError function| onUcraftFormSubmit function| toggleCheckOption function| setLanguageSwitcherEventListeners function| configureSubLanguagesToOpen function| changeLanguage function| initializeMap function| loadJS function| isEmpty function| changePasswordProtectionValue function| scrollToFeatures function| togglePackagePricing function| activateSwipe function| destroySwipe function| togglePlanRoundButton function| openMobileFeatures function| checkMobileFeatures function| calculatePosDifference function| checkFixHeader function| 
onClickFeatureSwitcher function| onSubscribeError function| onSubscribe function| showButtons function| hideButtons function| filterByTag function| openPopUp function| closePopUp string| timeout function| closestByClass function| playVideo function| openUcSubMenu function| closeUcSubMenu function| checkToCloseUcSubMenu function| submitPasswordProtectedForm function| subblyProductinitSlider function| redirectIfNecessary function| addSeperator boolean| popupLoaded string| baseUrlModified object| tv boolean| initVideosPopup object| popups

4 Cookies

Domain/Path Name / Value
www.baumannartsbox.com/ Name: country
Value: GB
.baumannartsbox.com/ Name: _sp
Value: %257B%2522id%2522%253A%25220b97183c-3aa3-44cf-a2d0-696752d39115%2522%257D
.subbly.co/ Name: csrf_cookie_subbly
Value: eyJpdiI6InN3M09aR3kzdmR6aGRhc3JBeWxuRVE9PSIsInZhbHVlIjoiemRzNnlOdklqS0pYNFwvOHZqN2NEU0E1T3FaTmNudGpPVDNzSnFCbEh5SEE0ZzJnNkpkTXBrTzBKVG11XC8xWVp3IiwibWFjIjoiZWY3ODc0ZjkwOWYyYzc2NzcyOTUwNDcyMGE0MThmOWVhYTBlZjFjOWRiZjQ4NzNlOWIxMTEwNDQyYmU5MjgwMCJ9
.subbly.co/ Name: ci_session
Value: eyJpdiI6IjdvMlhcL0NVVkZsc0Q5OVl6ZHNNYVNRPT0iLCJ2YWx1ZSI6Im5GT2lmQ2pzRHl5eUVDdzE5NHY5bUlqUmEwcTdCRUozMG5yOVRUWDl1aDlVMXdRbGRVZmxydytJK1krdDUrTzR2cDZydGhScm1FOFFWMkg4MEpBbTlnPT0iLCJtYWMiOiJhYWI5OWMzNDQ4MTk5MzdhMTU5N2RhMjI0MTQ1NjVlYTAyNTllZDFmMzljMDIwZTBmYjAzNDQzMjM3MmVkZDM2In0%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
