urlscan.io logo urlscan.io
SecurityTrails logo

brand.bagelstein.com Open in urlscan Pro
46.101.162.221  Public Scan

Go To Rescan Add Verdict Report
URL: https://brand.bagelstein.com/
Submission: On May 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 33 HTTP transactions. The main IP is 46.101.162.221, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is brand.bagelstein.com.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time brand.bagelstein.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 46.101.162.221 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 18.239.18.104 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.239.18.60 16509 (AMAZON-02)
2 3.5.137.167 16509 (AMAZON-02)
33 8
23    46.101.162.221 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
brand.bagelstein.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
1    18.239.18.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-104.ams58.r.cloudfront.net
js.stripe.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.239.18.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-60.ams58.r.cloudfront.net
js.stripe.com
2    3.5.137.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com
brandox-production.s3-eu-central-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
23 bagelstein.com
brand.bagelstein.com
609 KB
2 amazonaws.com
brandox-production.s3-eu-central-1.amazonaws.com
2 MB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088
148 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
163 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
1 gstatic.com
fonts.gstatic.com
32 KB
1 ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 10049
11 KB
33 7
Domain Requested by
23 brand.bagelstein.com brand.bagelstein.com
2 brandox-production.s3-eu-central-1.amazonaws.com
2 js.stripe.com brand.bagelstein.com
js.stripe.com
2 www.googletagmanager.com brand.bagelstein.com
www.googletagmanager.com
2 fonts.googleapis.com brand.bagelstein.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.ravenjs.com brand.bagelstein.com
33 7

This site contains no links.

Subject Issuer Validity Valid
brand.bagelstein.com
R3		 2024-05-14 -
2024-08-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-06 -
2025-04-07		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-03-27 -
2024-06-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.s3.eu-central-1.amazonaws.com
Amazon RSA 2048 M01		 2024-02-08 -
2025-01-18		 a year crt.sh

This page contains 2 frames:

Primary Page: https://brand.bagelstein.com/
Frame ID: 2E8266DA2AA7522D5ED34A6282FC9C34
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: F1D5E3A19F631449F2CFEACF59404FCA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+__meteor-css__
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

33
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

3476 kB
Transfer

5828 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
brand.bagelstein.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
38c25b06ba008751c24b511384dc72fb59d994a31dcad511fa97728c3ef0bc60
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 16:03:10 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
9ae483a835ae409e56d5bed5d47ed450c733d021.css
brand.bagelstein.com/ 		136 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/9ae483a835ae409e56d5bed5d47ed450c733d021.css?meteor_css_resource=true
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
3b492cc6f4a6448809d86efa3259cc1e6bfb8e901c60202ef763b1b2087b0e18

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:10 GMT
content-encoding
gzip
server
Caddy
etag
"9ae483a835ae409e56d5bed5d47ed450c733d021"
vary
User-Agent, Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Material+Icons&family=Karla:ital,wght@0,200..800;1,200..800&display=swap
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4c4104c3e152761a81fd80749c047288b01e0e824f1f3c1635011cf073ef5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 16:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 16:03:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 16:03:10 GMT
js
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74951056-1
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37d9bb168178b42f0b0036ef63bc5fcc5d2d9b519e0315019d644a433a09f69f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74967
x-xss-protection
0
last-modified
Tue, 14 May 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 16:03:10 GMT
raven.min.js
cdn.ravenjs.com/3.22.1/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.22.1/raven.min.js
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0bce161c1546eba68585e5b193dd43e865c729dfaae9fe8904fcca51bbb55b33

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Origin
https://brand.bagelstein.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:10 GMT
content-encoding
gzip
last-modified
Mon, 15 Jan 2018 12:12:19 GMT
server
Fastly
age
29934
etag
"9c99806be4993ea92ae76f58fa2dfdb6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
10646
02bc05beaae2865398246921279aa2ada41247d9.js
brand.bagelstein.com/ 		2 MB
583 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
3cebb03a701378de3431bdde02b3731d1beb27105bdc17b0965a48fdb9e660ff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:10 GMT
content-encoding
gzip
server
Caddy
etag
"02bc05beaae2865398246921279aa2ada41247d9"
vary
User-Agent, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
css
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,600italic,700,700italic
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/9ae483a835ae409e56d5bed5d47ed450c733d021.css?meteor_css_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4470aa4e2797f193e2bbd53b440df9a686663aa9cee5d9a88cd0cb1cbd17ecaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 16:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 May 2024 16:03:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 May 2024 16:03:10 GMT
js
www.googletagmanager.com/gtag/ 		254 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SWJ9YY3YTW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74951056-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9af657a998974c2c71e2586c439ae9bd40ff15d59089fc089666061c69e283ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90997
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 16:03:11 GMT
v3
js.stripe.com/ 		604 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-104.ams58.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7f212525f1c2b3233a0abff4fb78562c39336d8c9e356bf2c50de71aa5e2df64
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:02:25 GMT
content-encoding
br
via
1.1 215e4a16b9afcb599baed4231992f516.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
47
x-amz-cf-pop
AMS58-P6
x-cache
Hit from cloudfront
last-modified
Mon, 13 May 2024 20:57:37 GMT
server
Cloudfront
etag
W/"4fccbcf2b0fe1cce48e6e09c1b2b5fd3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
-Ji-UdjlLynDTQBNfksV8KmeOtifjCTcxvSCt2AxzGO_ksZjSOLBCw==
info
brand.bagelstein.com/sockjs/ 		79 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/sockjs/info?cb=80hdq4t7s3
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
a0991d52f283e66a6e125a54a1a1bb540f3efd1ab8d655377407db0f618efefd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 14 May 2024 16:03:11 GMT
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
server
Caddy
vary
Origin
content-type
application/json; charset=UTF-8
qkBbXvYC6trAT7RVLtw.woff2
fonts.gstatic.com/s/karla/v31/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v31/qkBbXvYC6trAT7RVLtw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Icons&family=Karla:ital,wght@0,200..800;1,200..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
612f86f93823aeff43467a4efe2a18843bf289cbf9bee3b95fcb4b9e46e43956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://brand.bagelstein.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 08:18:21 GMT
x-content-type-options
nosniff
age
27890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32340
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 15:40:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 08:18:21 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame F1D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-60.ams58.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://brand.bagelstein.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3291
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 May 2024 15:08:26 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 10 May 2024 20:57:19 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 6f348d610065e2c8eb4f3a0d2f7caa8e.cloudfront.net (CloudFront)
x-amz-cf-id
AFdfiIR93Lc3Utpwvq90jheOqb4akOK1IliPK3Y3JRJSBRjULobhRg==
x-amz-cf-pop
AMS58-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
brandox-logo.svg
brand.bagelstein.com/img/ 		529 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/img/brandox-logo.svg
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
062b9b7365ffc3ff44a3d40bc3fda8dee2caefa3558878aa744a25fb5fc9f116

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
etag
"fea766daf42f49d993671c1dcb8799094366ed13"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
529
user.svg
brand.bagelstein.com/img/icons/ 		406 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/img/icons/user.svg
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
622c53b7d18f3e50ec6ff0943eaac1997b51ba82fcca14d830afce3ee0e4c857

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
etag
"fde87f4981484530a721050ef5e370abf6a7542b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
406
menu.svg
brand.bagelstein.com/img/icons/ 		337 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/img/icons/menu.svg
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e4529de2be9204331b290a74a0f3f5eb5d92f995f8d9b7af9370beac5dc74672

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
etag
"1423ab24cd16a014b8da575ea12e285b3bb78ccf"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
337
close.svg
brand.bagelstein.com/img/icons/ 		345 B
408 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/img/icons/close.svg
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
d4128a5dde66ba96855fe5315df1edbcda8931e9b2bf1290c9d6f26db0dbe1cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
etag
"86e195ca29079e114045e82ec6305f6f383e63c3"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
345
brandox-logo-full.svg
brand.bagelstein.com/img/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/img/brandox-logo-full.svg
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
c62dfadebdd626b7e8b6c58283ffcaa3531ba9a4001d78f608ea57fab056d019

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:11 GMT
content-encoding
gzip
server
Caddy
etag
"7216a306f18f657e5da199d918cbd079ed1aa599"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
download.svg
brand.bagelstein.com/img/icons/ 		378 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/img/icons/download.svg
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
1dcbcf231c59c9a36c054037a464d4405a923ccef06ece59a6ca02c9089e2f9b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
etag
"e1b01da974921ec1be684debf61525168e875fd8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
378
email.svg
brand.bagelstein.com/img/icons/ 		492 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/img/icons/email.svg
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
6f4fd60981b34b76d2c63a9ef1ed562d36798d540224ffd162e1684e6e76c2a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
etag
"72a2eaeb49d77f21d625a36aabfcf00929ae354e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
492
login
brand.bagelstein.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/login
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
login
brand.bagelstein.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/login
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
login
brand.bagelstein.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/login
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
login
brand.bagelstein.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/login
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
login
brand.bagelstein.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/login
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
login
brand.bagelstein.com/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/login
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
20120116-Bagelstein-130--1500x1500.png
brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-login-page-background-image1602071148707/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-login-page-background-image1602071148707/20120116-Bagelstein-130--1500x1500.png
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
Classique-noir-blanc-logo-04--400x400.png
brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/Classique-noir-blanc-logo-04--400x400.png
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
20120116-Bagelstein-130--1500x1500.png
brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-login-page-background-image1602071148707/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-login-page-background-image1602071148707/20120116-Bagelstein-130--1500x1500.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.137.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a4effce3d97d8b88181ab8a7d9f2c9e4a50b50c936a7be395a4212dc294d3d97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 16:03:13 GMT
Last-Modified
Wed, 07 Oct 2020 11:46:27 GMT
Server
AmazonS3
x-amz-request-id
1VXBVZ8SYK7ZYP1R
ETag
"bca43541533dc832b0939c2103f45b9b"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
2457597
x-amz-id-2
t0DAXhcxbtjGoZ2Kr3htj74sVaBrEPLlcYaqScmuxt1RibpEWo/eDTuR4r8azMWlYIwkxz2T9cIBfY1lKGbcPw==
Classique-noir-blanc-logo-04--400x400.png
brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/Classique-noir-blanc-logo-04--400x400.png
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
Classique-noir-blanc-logo-04--400x400.png
brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/Classique-noir-blanc-logo-04--400x400.png
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:11 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
Classique-noir-blanc-logo-04--400x400.png
brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/Classique-noir-blanc-logo-04--400x400.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.137.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7ba495f3bcc412412113e6f23b841738e56f509eaf8904c0cde10e8a8a5cd143

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 16:03:13 GMT
Last-Modified
Wed, 07 Oct 2020 11:45:18 GMT
Server
AmazonS3
x-amz-request-id
1VX1C2FMG3229QRP
ETag
"a83710cdf30e569835d23083c30e6362"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
112200
x-amz-id-2
Rya5uPaUR5pMltXXjdqJBlnCNfkQ244BroCVzGo6Vr7RJvIAt6ptm46glfT/j7XW4I875SHSdZjClao2jlft7A==
Classique-noir-blanc-logo-04--400x400.png
brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/brandox-production.s3-eu-central-1.amazonaws.com/1536233b-18c3-4f7d-9bd5-227ea12acd26brand-page-logo1602071114792/Classique-noir-blanc-logo-04--400x400.png
Requested by
Host: brand.bagelstein.com
URL: https://brand.bagelstein.com/02bc05beaae2865398246921279aa2ada41247d9.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:12 GMT
server
Caddy
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
favicon.ico
brand.bagelstein.com/ 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://brand.bagelstein.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.101.162.221 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://brand.bagelstein.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
date
Tue, 14 May 2024 16:03:12 GMT
server
Caddy
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer object| Raven object| __meteor_runtime_config__ object| google_tag_manager object| google_tag_data function| require object| Package object| process function| ___INIT_METEOR_FAST_REFRESH object| Accounts object| Mongo function| Log object| Reload object| EJSON function| check object| Match function| meteorInstall undefined| Picker undefined| meteorJsMinify object| Meteor object| global object| meteorEnv object| WebApp object| DDP undefined| LaunchScreen object| Autoupdate object| __brandox object| webpackChunkStripeJSouter function| noop function| Stripe

4 Cookies

Domain/Path Name / Value
.bagelstein.com/ Name: user_is_probably_in_europe
Value: false
m.stripe.com/ Name: m
Value: 83c79c0a-002e-44ef-b212-889b0263bdac7cba68
.brand.bagelstein.com/ Name: __stripe_mid
Value: dbc69891-b9d5-40c5-9de5-ba993ff50bc36ed001
.brand.bagelstein.com/ Name: __stripe_sid
Value: 339ae5ab-d360-41c9-8a75-f4ce8b17608407d596

5 Console Messages

Source Level URL
Text
recommendation verbose URL: https://brand.bagelstein.com/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://brand.bagelstein.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://brand.bagelstein.com/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://brand.bagelstein.com/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://brand.bagelstein.com/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.stripe.com player.vimeo.com *.youtube.com *.amazonaws.com;script-src 'self' 'unsafe-inline' cdn.ravenjs.com *.googleapis.com *.googletagmanager.com *.stripe.com;connect-src * data:;img-src 'self' data: https:;font-src 'self' data: fonts.gstatic.com *.amazonaws.com;style-src 'self' 'unsafe-inline' *.googleapis.com;frame-ancestors 'self' system.dystronet.pl system.dystronet.eu connect.spiritualplaydate.com *.zoho.com goat.group.app www.ridegoat.com ridegoat.com app.heartbeat.chat www.heartbeat.chat
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brand.bagelstein.com
brandox-production.s3-eu-central-1.amazonaws.com
cdn.ravenjs.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
www.googletagmanager.com
18.239.18.104
18.239.18.60
2a00:1450:4001:800::2003
2a00:1450:4001:810::200a
2a00:1450:4001:82f::2008
2a04:4e42:600::729
3.5.137.167
46.101.162.221
062b9b7365ffc3ff44a3d40bc3fda8dee2caefa3558878aa744a25fb5fc9f116
0bce161c1546eba68585e5b193dd43e865c729dfaae9fe8904fcca51bbb55b33
1dcbcf231c59c9a36c054037a464d4405a923ccef06ece59a6ca02c9089e2f9b
37d9bb168178b42f0b0036ef63bc5fcc5d2d9b519e0315019d644a433a09f69f
38c25b06ba008751c24b511384dc72fb59d994a31dcad511fa97728c3ef0bc60
3b492cc6f4a6448809d86efa3259cc1e6bfb8e901c60202ef763b1b2087b0e18
3cebb03a701378de3431bdde02b3731d1beb27105bdc17b0965a48fdb9e660ff
4470aa4e2797f193e2bbd53b440df9a686663aa9cee5d9a88cd0cb1cbd17ecaf
612f86f93823aeff43467a4efe2a18843bf289cbf9bee3b95fcb4b9e46e43956
622c53b7d18f3e50ec6ff0943eaac1997b51ba82fcca14d830afce3ee0e4c857
6f4fd60981b34b76d2c63a9ef1ed562d36798d540224ffd162e1684e6e76c2a7
7ba495f3bcc412412113e6f23b841738e56f509eaf8904c0cde10e8a8a5cd143
7f212525f1c2b3233a0abff4fb78562c39336d8c9e356bf2c50de71aa5e2df64
9af657a998974c2c71e2586c439ae9bd40ff15d59089fc089666061c69e283ca
a0991d52f283e66a6e125a54a1a1bb540f3efd1ab8d655377407db0f618efefd
a4effce3d97d8b88181ab8a7d9f2c9e4a50b50c936a7be395a4212dc294d3d97
c4c4104c3e152761a81fd80749c047288b01e0e824f1f3c1635011cf073ef5cf
c62dfadebdd626b7e8b6c58283ffcaa3531ba9a4001d78f608ea57fab056d019
d4128a5dde66ba96855fe5315df1edbcda8931e9b2bf1290c9d6f26db0dbe1cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4529de2be9204331b290a74a0f3f5eb5d92f995f8d9b7af9370beac5dc74672