urlscan.io logo urlscan.io
SecurityTrails logo

bakesy.shop Open in urlscan Pro
75.2.60.5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://18thavenuesweets.com/
Effective URL: https://bakesy.shop/b/18th-avenue-sweets
Submission: On August 05 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 75.2.60.5, located in United States and belongs to AMAZON-02, US. The main domain is bakesy.shop.
TLS certificate: Issued by E5 on June 28th 2024. Valid for: 3 months.
This is the only time bakesy.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.49.23.144 53831 (SQUARESPACE)
6 75.2.60.5 16509 (AMAZON-02)
1 184.30.208.159 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:1901:0:7... 15169 (GOOGLE)
2 13.32.99.92 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.78 16509 (AMAZON-02)
7 172.67.194.185 13335 (CLOUDFLAR...)
29 9
1    198.49.23.144 (United States)

ASN53831 (SQUARESPACE, US)
18thavenuesweets.com
6    75.2.60.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: acd89244c803f7181.awsglobalaccelerator.com
bakesy.shop
1    184.30.208.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-208-159.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
2    13.32.99.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-92.fra60.r.cloudfront.net
js.stripe.com
4    2606:4700:3037::6815:14e3 (United States)

ASN13335 (CLOUDFLARENET, US)
api.bakesy.app
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.32.99.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-78.fra60.r.cloudfront.net
js.stripe.com
7    172.67.194.185 (United States)

ASN13335 (CLOUDFLARENET, US)
static-production.bakesy.app
Apex Domain
Subdomains		 Transfer
11 bakesy.app
api.bakesy.app
static-production.bakesy.app
836 KB
6 bakesy.shop
bakesy.shop
479 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
156 KB
4 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 981
161 B
2 gstatic.com
fonts.gstatic.com
61 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 5013
17 KB
1 18thavenuesweets.com
18thavenuesweets.com
174 B
29 8
Domain Requested by
7 static-production.bakesy.app
6 bakesy.shop bakesy.shop
4 api.bakesy.app bakesy.shop
4 js.stripe.com bakesy.shop
js.stripe.com
4 sessions.bugsnag.com bakesy.shop
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com bakesy.shop
1 appleid.cdn-apple.com bakesy.shop
1 18thavenuesweets.com 1 redirects
29 9

This site contains links to these domains. Also see Links.

Domain
www.bakesy.app
Subject Issuer Validity Valid
bakesy.shop
E5		 2024-06-28 -
2024-09-26		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2024-06-06 -
2024-12-03		 6 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-20 -
2025-04-15		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
bakesy.app
WE1		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://bakesy.shop/b/18th-avenue-sweets
Frame ID: 19C2915245EDE7AF1B31C667ED7F8030
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-530a27afc5c23852e63b119c1228384a.html
Frame ID: 97CCDF09C84A5B071D35CC31FAB0D25D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 93D150FCE8D93C14FF075C66039EA036
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

18th Avenue Sweets on Bakesy

Page URL History Show full URLs

  1. https://18thavenuesweets.com/ HTTP 302
    https://bakesy.shop/b/18th-avenue-sweets Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

29
Requests

100 %
HTTPS

40 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

1550 kB
Transfer

3298 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://18thavenuesweets.com/ HTTP 302
    https://bakesy.shop/b/18th-avenue-sweets Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 18th-avenue-sweets
bakesy.shop/b/
Redirect Chain
  • https://18thavenuesweets.com/
  • https://bakesy.shop/b/18th-avenue-sweets
1 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bakesy.shop/b/18th-avenue-sweets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.2.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
d04cb82983b1b5103793b38b5311d01e14e2f742a384a5d89c9e8aac5558c74a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1238
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
622
content-type
text/html; charset=UTF-8
date
Mon, 05 Aug 2024 02:14:15 GMT
etag
"24e7d4df5171f7c22b9c2246bbbe1c3b-ssl-df"
server
Netlify
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-nf-request-id
01J4G51P8ESKZQBRFVVK34Q5W0

Redirect headers

age
0
content-length
0
date
Mon, 05 Aug 2024 02:14:14 GMT
location
https://bakesy.shop/b/18th-avenue-sweets
server
Squarespace
x-contextid
Jq48qDqi/mIntjD69
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/b/18th-avenue-sweets
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.208.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-208-159.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Mon, 05 Aug 2024 02:14:15 GMT
Last-Modified
Tue, 30 Jul 2024 20:45:48 GMT
Server
Apple
ETag
W/"43171-1722372348510"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
main.39463c94.js
bakesy.shop/static/js/ 		2 MB
453 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bakesy.shop/static/js/main.39463c94.js
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/b/18th-avenue-sweets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.2.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
5ec4334dea5c13fdc3c9845ce42748281ad80969ac6ef95ef94f4c244fc17d7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bakesy.shop/b/18th-avenue-sweets
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4G51PAEAAXK5E6EKTZD3MME
date
Mon, 05 Aug 2024 02:14:15 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Netlify
age
14214
cache-status
"Netlify Edge"; hit
etag
"349e245e42df89da572099417205e0f8-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
463242
main.e8439c86.css
bakesy.shop/static/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bakesy.shop/static/css/main.e8439c86.css
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/b/18th-avenue-sweets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.2.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
7665f74581c8603a0c2831e1230aae84ac29e55dfd627bad6c3e33138262a74c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bakesy.shop/b/18th-avenue-sweets
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4G51PAHDW2BEJ9DECRM54TK
date
Mon, 05 Aug 2024 02:14:15 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Netlify
age
14214
cache-status
"Netlify Edge"; hit
etag
"17d245d1624e318275fff27502b5c7c6-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
4262
rum
bakesy.shop/.netlify/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bakesy.shop/.netlify/scripts/rum
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/b/18th-avenue-sweets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.2.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
257ef1b7dd06f88a465e5badb58c57b62cf678d7618ecc2929aa3b428e848122
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bakesy.shop/b/18th-avenue-sweets
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4G51PBDKN0EHA5F0Z84BFMF
date
Mon, 05 Aug 2024 02:14:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
43840
cache-status
"Netlify Edge"; hit
etag
"920128a05f6ecf111e0920b419925cc1-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
4079
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Carlito:ital,wght@0,400;0,600;0,700;1,400&display=swap
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/static/css/main.e8439c86.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f42f72e066e3ceb0f5a14da08db47a90a555f0bd13fb60ce4ec8e5735ca9791a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Aug 2024 02:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Aug 2024 02:14:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Aug 2024 02:14:15 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://bakesy.shop
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 05 Aug 2024 02:14:15 GMT
via
1.1 google
v3
js.stripe.com/ 		634 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/static/js/main.39463c94.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 02:13:33 GMT
content-encoding
br
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
43
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 02 Aug 2024 21:58:40 GMT
server
Cloudfront
etag
W/"377b7b7410510b02a0911f1ca8793557"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
QrLjH8GJ6yn7DSRt4g-jjSS0W6VL-5l8G965HgP0_s9_89_Dgomzzw==
/
sessions.bugsnag.com/ 		21 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/static/js/main.39463c94.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://bakesy.shop/
Bugsnag-Sent-At
2024-08-05T02:14:15.537Z
Bugsnag-Api-Key
1922aeae728b0d30265b3208bc112a9f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 05 Aug 2024 02:14:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://bakesy.shop
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 05 Aug 2024 02:14:15 GMT
via
1.1 google
graphql
api.bakesy.app/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.bakesy.app/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bakesy.shop
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://bakesy.shop
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ae345cbe885975f-FRA
content-length
0
date
Mon, 05 Aug 2024 02:14:15 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722824055&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=04xh5xFnzSdXeloxhN7Z%2BMsrZM8YTKJYuXpM3wMgfd4%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1722824055&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=04xh5xFnzSdXeloxhN7Z%2BMsrZM8YTKJYuXpM3wMgfd4%3D
server
cloudflare
via
1.1 vegur
graphql
api.bakesy.app/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.bakesy.app/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bakesy.shop
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://bakesy.shop
access-control-expose-headers
access-control-max-age
7200
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ae345cbe887975f-FRA
content-length
0
date
Mon, 05 Aug 2024 02:14:15 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722824055&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=04xh5xFnzSdXeloxhN7Z%2BMsrZM8YTKJYuXpM3wMgfd4%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1722824055&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=04xh5xFnzSdXeloxhN7Z%2BMsrZM8YTKJYuXpM3wMgfd4%3D
server
cloudflare
via
1.1 vegur
/
sessions.bugsnag.com/ 		21 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/static/js/main.39463c94.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://bakesy.shop/
Bugsnag-Sent-At
2024-08-05T02:14:15.560Z
Bugsnag-Api-Key
1922aeae728b0d30265b3208bc112a9f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 05 Aug 2024 02:14:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
graphql
api.bakesy.app/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.bakesy.app/graphql
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/static/js/main.39463c94.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c89660bb9f179995b6341a27b04be1d04875ee44c32efeada03e47602f45e81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1722824056&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=QcEnoTDRTkCC2BG%2FWM6Nbcy7Ff0CWzd9WFn3M1WbnZ4%3D
x-request-id
15fde6cd-96b5-4c75-b225-323e7c8e3351
x-runtime
0.236388
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3c89660bb9f179995b6341a27b04be1d"
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bakesy.shop
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722824056&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=QcEnoTDRTkCC2BG%2FWM6Nbcy7Ff0CWzd9WFn3M1WbnZ4%3D"}]}
access-control-expose-headers
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
vary
Accept, Origin
cf-ray
8ae345cde9bb975f-FRA
graphql
api.bakesy.app/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.bakesy.app/graphql
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/static/js/main.39463c94.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:14e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f0856c6c1006998dfbfe8d2756c0f831b4e3a10fff5eeaefc5bd61eaa3ed231
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1722824056&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=QcEnoTDRTkCC2BG%2FWM6Nbcy7Ff0CWzd9WFn3M1WbnZ4%3D
x-request-id
efdce3db-910f-4a77-9626-6cdcfc374fbe
x-runtime
0.090814
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7f0856c6c1006998dfbfe8d2756c0f83"
x-download-options
noopen
access-control-max-age
7200
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bakesy.shop
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1722824056&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=QcEnoTDRTkCC2BG%2FWM6Nbcy7Ff0CWzd9WFn3M1WbnZ4%3D"}]}
access-control-expose-headers
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
vary
Accept, Origin
cf-ray
8ae345cde9ba975f-FRA
3Jn9SDPw3m-pk039DDeBTA.woff2
fonts.gstatic.com/s/carlito/v3/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/carlito/v3/3Jn9SDPw3m-pk039DDeBTA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Carlito:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d57f3d3f582059bb62e975e07a4d70299b78b728181312b075f125a692b20a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bakesy.shop
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 03:31:27 GMT
x-content-type-options
nosniff
age
513768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30164
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 03:31:27 GMT
logo-website.033bb50217ee42220bf2.png
bakesy.shop/static/media/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bakesy.shop/static/media/logo-website.033bb50217ee42220bf2.png
Requested by
Host: bakesy.shop
URL: https://bakesy.shop/b/18th-avenue-sweets
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.2.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
ddefe830652bfc059620cd9dccb5e7d162e092d66de4a8a61dfe5388653c0e75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bakesy.shop/b/18th-avenue-sweets
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4G51PSD8YE2FMHVBF4YVZD5
date
Mon, 05 Aug 2024 02:14:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Netlify
age
9492
cache-status
"Netlify Edge"; hit
etag
"58271c2c08996be035bd123a6d15ef06-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
15613
controller-with-preconnect-530a27afc5c23852e63b119c1228384a.html
js.stripe.com/v3/ Frame 97CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-530a27afc5c23852e63b119c1228384a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-78.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bakesy.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
55
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 05 Aug 2024 02:13:21 GMT
etag
"530a27afc5c23852e63b119c1228384a"
last-modified
Fri, 02 Aug 2024 21:22:01 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-id
cvJx1VuRUhX6Wwx8m5IbJJlwrvlVHWdtnhHpCHMh5uUreaxU3XZ_KQ==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 93D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.99.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-78.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bakesy.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2742
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 05 Aug 2024 01:28:35 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Mon, 29 Jul 2024 20:02:37 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-id
dTZWBPStM3_VUryzMsi4QdI1yYKtnXMFtvfEL9j4I2RDOoToGkO6Hw==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
w6vjgf4ipgjocd1pn7z3a78r2bwo
static-production.bakesy.app/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-production.bakesy.app/w6vjgf4ipgjocd1pn7z3a78r2bwo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f82b8c525b16d169a060cf7247bbd1e28201b10fee13e845e8e0fceae721f48

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VQKVPY02WKRQT2ZN
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
26562
x-amz-id-2
CUGpTrkWVlHSluDBndtMkyQM2EMw+jCqu5Vbcpq+6g+7Snz6Dff3hhC10ZzB7S38Y0PxJJBNQ5Fqk7oSuTk0Tw==
last-modified
Fri, 19 Jul 2024 01:36:41 GMT
server
cloudflare
etag
"70e403f46946c83b832e3ff2d14612b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdMR%2FBVajYIcsTdQLmDpMEd5djid3%2FX4%2FF1p7dmHPRmoVyCg5yOkSfm97OIzTe3uyFORb47m6BCYfXJJT6%2BhVwFuZmqBt%2F%2BUnZATg%2FPuBwlVFFbtUNID69N0GdAL%2Fno7fzzp612nEyGyf5NAgC4W"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ae345cfaa0a37e9-FRA
3Jn4SDPw3m-pk039BIykWXolUw.woff2
fonts.gstatic.com/s/carlito/v3/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/carlito/v3/3Jn4SDPw3m-pk039BIykWXolUw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Carlito:ital,wght@0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
569f4321924bc4a444bfc2e215aa6c895e2544ff8beab21e01ecdc34b5f91f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bakesy.shop
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:18:12 GMT
x-content-type-options
nosniff
age
471364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31500
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:57:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 15:18:12 GMT
h879w9rzdpl5io1v99ds0g9u1yrs
static-production.bakesy.app/ 		502 KB
503 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-production.bakesy.app/h879w9rzdpl5io1v99ds0g9u1yrs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30b0fae14b828d951d6e94b08d5525eec1473452ea8aab9a5c0dc83ce07e721

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VQKTXTM1D34T1WTX
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="F8001283-25CC-48ED-9660-8296DF431452.jpg"; filename*=UTF-8''F8001283-25CC-48ED-9660-8296DF431452.jpg
alt-svc
h3=":443"; ma=86400
content-length
514141
x-amz-id-2
LVtFSyaLv5W95/CER2bOzRJDz1Kt8WWmiJikOY4LBinKIJnquI9l33s/B6Ce+s3qB8c4oq+wLE4T3UtKTSaj7Q==
last-modified
Fri, 02 Aug 2024 19:36:41 GMT
server
cloudflare
etag
"6a6819f0fd18000459e88de67452c528"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGcgE29Tk%2BSJSiK2msQVmzHijgNmH14MUlALl%2BNgOab%2BFh%2BPzqvWoa9cVhyq0hnKmhUYNKh30%2BRKt99dCMcjgzhErA%2FhITLBemqGHKNb4mHXgQPXttaYAkF6d6lRHTQX9lMZ%2FDSkrC6gDyE07f6Z"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ae345d05a5937e9-FRA
9wmzdqkftkiyk0fq7uh8f74i8hha
static-production.bakesy.app/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-production.bakesy.app/9wmzdqkftkiyk0fq7uh8f74i8hha
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15b426a3211dca468b694b4261b999ca3e9e73fd3b78ca33a67f67ee08c7d44

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VQKGSED6FVVE0F0C
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
63447
x-amz-id-2
8KBqz6NvRQ9SlenatpwHUq1+eh8KSl/cugTYWSUsBqk+9tM2NIAKexEMBJ6dBKhAGnLBS4cYCfRrqA84Oktqdg==
last-modified
Fri, 19 Jul 2024 01:31:28 GMT
server
cloudflare
etag
"db0dfc3634d6c9fa107dc70bafbdcabb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4H3INlN3soBF86ZWzkV4UiH4O2%2Bf2G9lhRGxpODkmfMQpL4fMFLoG2egP3v68bUUjBbakRCl7q%2BBlBOaXY7J%2BzNbPseFEwpFZAOPjXPymC%2BFClbDPBI8L4O1%2BA%2Fxb3XB14%2FtWzGfH%2BU6PgjLV0Lx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ae345d05a5b37e9-FRA
8tufuaymvukwmyej76uq2rsyzsa5
static-production.bakesy.app/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-production.bakesy.app/8tufuaymvukwmyej76uq2rsyzsa5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86248dc2d25309305c0954d6934c96ad67ce3f7ca6d4e82d415a2e1184a57acc

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VQKT92SNFGGBFTRT
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
69400
x-amz-id-2
6jCNjjJXg8ZP4yGrIrRbA1jXYeQ/3yPBi5YefVcsh1s/+YRXKHgLdky1wLhsP9OgDNMJjmFf7O+ToI0BSyO8V1YPYRN8IpvHVzRhNvDMDHI=
last-modified
Fri, 19 Jul 2024 01:27:30 GMT
server
cloudflare
etag
"3cb6906b8d3ecceefee84cd454800066"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2pt2sf5wswmG%2ByR628F8Mf8OfSm1gABdIbstj%2B1cQF%2FhnTRqnouMNBhL3teUhQRh2hPYV0gFBRncovzUGp8bcTR7o%2FvqjJhjvwBJandsEOkmyeP2nN8wdCzoVYxT3wINGqw55BOY%2Bbsq6AcgVi3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ae345d05a5c37e9-FRA
vzgxrzdmsne532qwsoq2iy6s3hny
static-production.bakesy.app/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-production.bakesy.app/vzgxrzdmsne532qwsoq2iy6s3hny
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be240dab10adf68f763d38e9a41e660944214a33998b8915162f52152de02a85

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VQKV5RVDJZXRF5GK
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
62217
x-amz-id-2
868fy0U0662Y3bkfQDZ5SS3ntuSEU6Y7tk1JK+kdICJoJIFLfLAdULHYygXUZFqvlgz0qBVTsfDLKHAN9rCUgg==
last-modified
Fri, 02 Aug 2024 22:02:50 GMT
server
cloudflare
etag
"29d0df7d285ae8c6fda2d69ce7d53c9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVVy1DXpsmAgN5CotqQBwSaC%2BOJfc2c4Q0TMeDRHmgKh21WMact2X4nJwUM3sAK2VCRNYY0JD4Cm3t3AorOQ96Vj0cYnrkMF%2BynaihUYmaf3NAkCFoni4YSTp819McnYGIUxZ2clgF5%2FIpEP2Lgl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ae345d05a5d37e9-FRA
t9m1dj2p8ix9w70k2hwpukvwbsjx
static-production.bakesy.app/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-production.bakesy.app/t9m1dj2p8ix9w70k2hwpukvwbsjx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da23dfa1a81e690ad3a85d167553edb26b78ed1ae4036f76edca867cab3f57b

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CZT2KNBKRD18H6VP
age
97577
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
61515
x-amz-id-2
Z8ev7LwJnZGwol8hc+CJFhYRRZpvqiXmJASN8D8Wuog7sRfTXBtYvMSrHcWaepE3dxeLN/tRpkGFAOoXOVKPrFLRCUbtLl71FTwihPRby08=
last-modified
Fri, 02 Aug 2024 22:03:12 GMT
server
cloudflare
etag
"87b78c9f4164dd9bb86d653328cd138d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWMnoG8JOB2%2FZwY9xDrT1WIbDMQHxVZg3SuHFiDiK0kK4YPLteutcoal%2BYYeTi11AzYJ3%2BDD3Bfje1i5QDrAHxff7vQ6hru2H%2BVgopYcv7wnjPplVFzVscVpsm5mI3R6TEyOjSregdBeEKgkyGef"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ae345d05a5f37e9-FRA
fzfwlvm27tfiwa3200gnq9oig0mv
static-production.bakesy.app/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-production.bakesy.app/fzfwlvm27tfiwa3200gnq9oig0mv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.194.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c590c9a4da3d3755e9d8513cc6a73c71a652697819bc5353a0c60f9852652c06

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 02:14:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VQKVRYEZVF1JHXWQ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
49726
x-amz-id-2
DFxyNP4CZtoK6GKtppOXjkwgqAfmrFfnOEZMJs+o+0zScDTef0ps1cCUM0pD8+JEJXJImlniCZ71CMhDv9g4Dg==
last-modified
Fri, 02 Aug 2024 22:04:19 GMT
server
cloudflare
etag
"e1f626f42979ed56a928b24637c2a50b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vVoPoCKS6JfGgwUalDMO0hBJzojm1sXXBXfnRy2bFgYFfBXjpeooCW1xcJREiYEWN2CIDduxggLoCzIdkD66e%2FMDwx1BYlAj209WWonCdzif2z9lcD8kekcKaNMIbxnjUys%2BdaA7Ax9x9vvploVb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ae345d05a6037e9-FRA
favicon.ico
bakesy.shop/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bakesy.shop/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.2.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
b8f2416efa4d9e6e725ae774a66c1b08b3a82fb109dc88308a6bea753f9b58fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bakesy.shop/b/18th-avenue-sweets
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4G51RBDY89SP9HKW30KJE4B
date
Mon, 05 Aug 2024 02:14:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Netlify
age
35695
cache-status
"Netlify Edge"; hit
etag
"ec1da67f7ce36cc156a970409f64fee9-ssl"
content-type
image/vnd.microsoft.icon
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
1150
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-92.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bakesy.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 01:28:15 GMT
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2772
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
176
last-modified
Mon, 29 Jul 2024 20:02:37 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
TQpQvh2ttKKeY39P4OD19K4tKR8MIgcLrJm0lEobLd_PEbY9VvKIew==

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| clearImmediate function| setImmediate string| __reactRouterVersion object| FontAwesomeConfig object| ___FONT_AWESOME___ object| _ablyjs_jsonp function| _ object| Cleave object| AppleID object| webpackChunkStripeJSouter function| noop function| Stripe

4 Cookies

Domain/Path Name / Value
18thavenuesweets.com/ Name: crumb
Value: BVxfO/w+7IQwN2JlM2FlZjFmNDk4YWRkOGYyNGYwNzI0YjBjZmJm
m.stripe.com/ Name: m
Value: a685b5ad-b6cb-4345-ba86-9cd5df34f82ab19cb6
.bakesy.shop/ Name: __stripe_mid
Value: 04ce38a7-276a-458b-935f-5fad8a9d00d449eb0f
.bakesy.shop/ Name: __stripe_sid
Value: bce85431-4b02-429a-96f4-fa596dd0a2fbf228d9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18thavenuesweets.com
api.bakesy.app
appleid.cdn-apple.com
bakesy.shop
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
sessions.bugsnag.com
static-production.bakesy.app
13.32.99.78
13.32.99.92
172.67.194.185
184.30.208.159
198.49.23.144
2600:1901:0:7a0b::
2606:4700:3037::6815:14e3
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::200a
75.2.60.5
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
257ef1b7dd06f88a465e5badb58c57b62cf678d7618ecc2929aa3b428e848122
3c89660bb9f179995b6341a27b04be1d04875ee44c32efeada03e47602f45e81
4f82b8c525b16d169a060cf7247bbd1e28201b10fee13e845e8e0fceae721f48
569f4321924bc4a444bfc2e215aa6c895e2544ff8beab21e01ecdc34b5f91f09
5ec4334dea5c13fdc3c9845ce42748281ad80969ac6ef95ef94f4c244fc17d7e
7665f74581c8603a0c2831e1230aae84ac29e55dfd627bad6c3e33138262a74c
7da23dfa1a81e690ad3a85d167553edb26b78ed1ae4036f76edca867cab3f57b
7f0856c6c1006998dfbfe8d2756c0f831b4e3a10fff5eeaefc5bd61eaa3ed231
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
86248dc2d25309305c0954d6934c96ad67ce3f7ca6d4e82d415a2e1184a57acc
a15b426a3211dca468b694b4261b999ca3e9e73fd3b78ca33a67f67ee08c7d44
b8f2416efa4d9e6e725ae774a66c1b08b3a82fb109dc88308a6bea753f9b58fd
be240dab10adf68f763d38e9a41e660944214a33998b8915162f52152de02a85
c590c9a4da3d3755e9d8513cc6a73c71a652697819bc5353a0c60f9852652c06
d04cb82983b1b5103793b38b5311d01e14e2f742a384a5d89c9e8aac5558c74a
d57f3d3f582059bb62e975e07a4d70299b78b728181312b075f125a692b20a19
ddefe830652bfc059620cd9dccb5e7d162e092d66de4a8a61dfe5388653c0e75
e30b0fae14b828d951d6e94b08d5525eec1473452ea8aab9a5c0dc83ce07e721
e941e7c2c88f18a1a36d0cb58e9196e42cdc3e93d9f798a430cbf65cbb53d6f2
f42f72e066e3ceb0f5a14da08db47a90a555f0bd13fb60ce4ec8e5735ca9791a