www.bajaao.com Open in urlscan Pro
23.227.38.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.klclick.com/ls/click?upn=an5yqXiAyNj60HmBTJ8zJXHdGEd7Sn8nAPeyVnNk2Aqb1KG-2B883pGPHrHyrxMfETO2gaYH6lwqHkIV5qG...
Effective URL:
https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4d...
Submission: On August 31 via manual (August 31st 2022, 9:58:15 am UTC) from DE — Scanned from DE

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 16 domains to perform 55 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is www.bajaao.com.
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.

This is the only time www.bajaao.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:223... 2600:9000:223c:8a00:14:c8fd:7700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 12	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	104.16.255.71 104.16.255.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	167.71.251.199 167.71.251.199	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:1d93	() ()
1	142.250.74.194 142.250.74.194	() ()
1	23.227.38.33 23.227.38.33	() ()
1	2606:4700:10:... 2606:4700:10::ac43:246a	() ()
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	() ()
6	2a00:1450:400... 2a00:1450:4001:80e::200e	() ()
1	2600:9000:223... 2600:9000:223d:da00:8:cf94:88c0:93a1	() ()
1	2a00:1450:400... 2a00:1450:400c:c06::9a	() ()
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	() ()
55	14

1 2600:9000:223c:8a00:14:c8fd:7700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.227.38.74 (Ottawa, Canada) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bajaao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.16.255.71 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.251.199 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: a.parcelintelligence.com.au

parcelintelligence.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d93 (None, )

ASN- ()

ssl.widgets.webengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (None, )

ASN- ()

checkout.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246a (None, )

ASN- ()

widget.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:da00:8:cf94:88c0:93a1 (None, )

ASN- ()

76aa7a5.webengage.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2175 checkout.shopify.com	408 KB
12	bajaao.com 1 redirects www.bajaao.com	37 KB
6	google-analytics.com www.google-analytics.com	21 KB
6	shopifysvc.com monorail-edge.shopifysvc.com	2 KB
2	facebook.com www.facebook.com	622 B
2	facebook.net connect.facebook.net	111 KB
1	doubleclick.net stats.g.doubleclick.net	441 B
1	webengage.co 76aa7a5.webengage.co	2 KB
1	privy.com widget.privy.com	98 KB
1	googleadservices.com www.googleadservices.com	16 KB
1	webengage.com ssl.widgets.webengage.com wsdk-files.webengage.com Failed	60 KB
1	parcelintelligence.com.au parcelintelligence.com.au — Cisco Umbrella Rank: 784042	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	62 KB
1	klclick.com 1 redirects trk.klclick.com — Cisco Umbrella Rank: 13515	428 B
0	google.de Failed www.google.de Failed
0	google.com Failed www.google.com Failed
55	16

	Domain	Requested by
13	cdn.shopify.com	www.bajaao.com cdn.shopify.com checkout.shopify.com
12	www.bajaao.com	1 redirects www.bajaao.com cdn.shopify.com srcdoc
6	www.google-analytics.com	cdn.shopify.com www.google-analytics.com www.bajaao.com
6	monorail-edge.shopifysvc.com	cdn.shopify.com
2	www.facebook.com	www.bajaao.com
2	connect.facebook.net	cdn.shopify.com connect.facebook.net
1	stats.g.doubleclick.net	cdn.shopify.com
1	76aa7a5.webengage.co	ssl.widgets.webengage.com
1	widget.privy.com	srcdoc
1	checkout.shopify.com	cdn.shopify.com
1	www.googleadservices.com	www.googletagmanager.com
1	ssl.widgets.webengage.com	www.bajaao.com
1	parcelintelligence.com.au	www.bajaao.com
1	www.googletagmanager.com	www.bajaao.com
1	trk.klclick.com	1 redirects
0	www.google.de Failed	www.bajaao.com
0	www.google.com Failed	www.bajaao.com
0	wsdk-files.webengage.com Failed	76aa7a5.webengage.co
55	18

This site contains no links.

Subject Issuer	Validity	Valid
www.bajaao.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
cdn.shopify.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
parcelintelligence.com.au Sectigo RSA Domain Validation Secure Server CA	`2022-02-21` - `2023-03-24`	a year	crt.sh
webengage.com Cloudflare Inc ECC CA-3	`2022-04-23` - `2023-04-22`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
shopify.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
monorail-edge.shopifysvc.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-09` - `2022-09-07`	3 months	crt.sh
webengage.co Amazon	`2022-07-04` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo
Frame ID: 5694D99C12544758F1F0590DC84DD69B
Requests: 46 HTTP requests in this frame

Frame: https://www.bajaao.com/6576821/digital_wallets/dialog
Frame ID: 3D844DA41CEBC36FA5F07ABFD8FF86DC
Requests: 3 HTTP requests in this frame

Frame: https://checkout.shopify.com/6576821/sandbox/autocomplete_service?locale=en-IN
Frame ID: 9DF62CD6E781CB9A3DED230A6D2DD9CA
Requests: 2 HTTP requests in this frame

Frame: https://www.bajaao.com/csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=bd32ab89-2e85-4fc8-b90c-4605b1214af3
Frame ID: 84E63E94FB5EAD46D14916AC3F4455C9
Requests: 2 HTTP requests in this frame

Frame: https://76aa7a5.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=76aa7a5
Frame ID: E70B97D87DE880E3B0A1A41FFF0AEE79
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://trk.klclick.com/ls/click?upn=an5yqXiAyNj60HmBTJ8zJXHdGEd7Sn8nAPeyVnNk2Aqb1KG-2B883pGPHrHyrxM... HTTP 302
https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?key=06cded62b4fc3... Page URL
https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?_kx=awwHeLsKkY01N... Page URL
https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?_kx=awwHeLsKkY01N... HTTP 302
https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rL... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

55
Requests

87 %
HTTPS

64 %
IPv6

16
Domains

18
Subdomains

14
IPs

4
Countries

816 kB
Transfer

2981 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.klclick.com/ls/click?upn=an5yqXiAyNj60HmBTJ8zJXHdGEd7Sn8nAPeyVnNk2Aqb1KG-2B883pGPHrHyrxMfETO2gaYH6lwqHkIV5qGuDx9PKnsD4nVe3LO-2BWIlvfMSYscXHQpDFyOkksetK5HSLCYGPupQI0iYLo9yNXjjVW7-2BugAzdDe4FHTvfWrJZjh-2FBQxyQjFi2oPKIuAi59OomJQ2Ere-2FYwn5MuXTq5xn4Ah3-2FlZDyNnEfaBOCTedNE9EFUQvlivBbeD2n7FgBVVL06oZyJMgGuBCaScaZcdgC0Injz0dO1UJX30nnAlp-2BsMb-2FprEICJpCdPgpK-2F-2F4x4IzFSvjHu_7RSxXQ4xkW97zw1zLUBL6SHymuAYtdQxCfbtzbpJ02fNoDXNl9gddTgGIkzzJ2Hlwa1FSU5YvzETgy460-2B-2BzfEQgIZDe-2B93kidpr8SgtHMAzM8h67j-2BdTm-2FWWeA5VJgJI2JiqA-2BQBkPCsfug6cpiXvU-2FdIvgFMXpihwPXC3dOuCYN78Yp5-2B2LBnpR-2FaMG-2FiZ08REC6bhM7bc8i52w0L3zSa7Px5v756XMwpfT8NjANiW-2Bi2sFXcqrH3otowDOHKdMGLblbDRgF3DEQD0MGeIHC5OKf-2Ft0qcA0undOm4BnLaG6n-2BkHJZGuNxE07QCNwMXVR6gROofcM-2BRN5-2BtX-2Bm-2Bj3z44fiwx-2B8mM5SlMSATJeivixIMQzz8wsBbE6ZsYdNj HTTP 302
https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?key=06cded62b4fc3841f34d7614b6738b16&utm_source=Klaviyo&utm_medium=flow&_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz Page URL
https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&key=06cded62b4fc3841f34d7614b6738b16&no_cookies_from_redirect=1&utm_medium=flow&utm_source=Klaviyo Page URL
https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&cookies_blocked=1&key=06cded62b4fc3841f34d7614b6738b16&no_cookies_from_redirect=1&utm_medium=flow&utm_source=Klaviyo HTTP 302
https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://trk.klclick.com/ls/click?upn=an5yqXiAyNj60HmBTJ8zJXHdGEd7Sn8nAPeyVnNk2Aqb1KG-2B883pGPHrHyrxMfETO2gaYH6lwqHkIV5qGuDx9PKnsD4nVe3LO-2BWIlvfMSYscXHQpDFyOkksetK5HSLCYGPupQI0iYLo9yNXjjVW7-2BugAzdDe4FHTvfWrJZjh-2FBQxyQjFi2oPKIuAi59OomJQ2Ere-2FYwn5MuXTq5xn4Ah3-2FlZDyNnEfaBOCTedNE9EFUQvlivBbeD2n7FgBVVL06oZyJMgGuBCaScaZcdgC0Injz0dO1UJX30nnAlp-2BsMb-2FprEICJpCdPgpK-2F-2F4x4IzFSvjHu_7RSxXQ4xkW97zw1zLUBL6SHymuAYtdQxCfbtzbpJ02fNoDXNl9gddTgGIkzzJ2Hlwa1FSU5YvzETgy460-2B-2BzfEQgIZDe-2B93kidpr8SgtHMAzM8h67j-2BdTm-2FWWeA5VJgJI2JiqA-2BQBkPCsfug6cpiXvU-2FdIvgFMXpihwPXC3dOuCYN78Yp5-2B2LBnpR-2FaMG-2FiZ08REC6bhM7bc8i52w0L3zSa7Px5v756XMwpfT8NjANiW-2Bi2sFXcqrH3otowDOHKdMGLblbDRgF3DEQD0MGeIHC5OKf-2Ft0qcA0undOm4BnLaG6n-2BkHJZGuNxE07QCNwMXVR6gROofcM-2BRN5-2BtX-2Bm-2Bj3z44fiwx-2B8mM5SlMSATJeivixIMQzz8wsBbE6ZsYdNj HTTP 302
https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?key=06cded62b4fc3841f34d7614b6738b16&utm_source=Klaviyo&utm_medium=flow&_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

recover Show response
www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/
Redirect Chain

https://trk.klclick.com/ls/click?upn=an5yqXiAyNj60HmBTJ8zJXHdGEd7Sn8nAPeyVnNk2Aqb1KG-2B883pGPHrHyrxMfETO2gaYH6lwqHkIV5qGuDx9PKnsD4nVe3LO-2BWIlvfMSYscXHQpDFyOkksetK5HSLCYGPupQI0iYLo9yNXjjVW7-2BugAzd...
https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?key=06cded62b4fc3841f34d7614b6738b16&utm_source=Klaviyo&utm_medium=flow&_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu...

356 B
2 KB

388ms
321ms

Document
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?key=06cded62b4fc3841f34d7614b6738b16&utm_source=Klaviyo&utm_medium=flow&_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adfc3eb74a44738299fa1e50012e53435d22595b6ead8efa25f73954362f637

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f79eb856-30a5-4fae-841d-582e834a9e52
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f79eb856-30a5-4fae-841d-582e834a9e52

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7434e7f92a0bbb35-FRA
content-encoding: br
content-language: en-IN
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f79eb856-30a5-4fae-841d-582e834a9e52
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:58:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NbOt3VSzDa2Df%2ByB1ak5gNbuZrIZ%2FhHq3uCvGgp7POWJ9mB4glVCWz2l%2FtUXOethpyXgdgSqFMLfIwbDelggS8Xc7micmFAY%2BbzcnwV35zJ1V5L3sLqueTwUCVAh%2FpV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=7889238
vary: Accept-Encoding
x-cmp-answers: {}
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: f79eb856-30a5-4fae-841d-582e834a9e52
x-robots-tag: none
x-shardid: 178
x-shopid: 6576821
x-shopify-checkout-version: checkout-classic
x-shopify-stage: production
x-sorting-hat-podid: 178
x-sorting-hat-shopid: 6576821
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f79eb856-30a5-4fae-841d-582e834a9e52

Redirect headers

content-length: 264
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:58:09 GMT
location: https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?key=06cded62b4fc3841f34d7614b6738b16&utm_source=Klaviyo&utm_medium=flow&_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz
server: nginx
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-id: Nkhe0LzaX-a5Z7UqG2p1ByLBQMNQxhb_0k8tQpzxgjn71mnceQshYw==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 recover
www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/ 378 B
1 KB 276ms
275ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&key=06cded62b4fc3841f34d7614b6738b16&no_cookies_from_redirect=1&utm_medium=flow&utm_source=Klaviyo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f1db7be7-17fd-41cb-b903-da58e82686db
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f1db7be7-17fd-41cb-b903-da58e82686db

Request headers

Referer: https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?key=06cded62b4fc3841f34d7614b6738b16&utm_source=Klaviyo&utm_medium=flow&_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7434e7fb4e20bb35-FRA
content-encoding: br
content-language: en-IN
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f1db7be7-17fd-41cb-b903-da58e82686db
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:58:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXQHH6JfMDuG9udQWnJl%2Bh3CTrcZ91oWcJSdt7yOZFzDMxxtzpimPRDe%2BPq7Whppd%2Bm6nAlXYTvu6K8vdy9TKAZhUxAQsXU2SeAty58jxXSDEXQATxCO%2FlC7tvOvQjAs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=7889238
vary: Accept-Encoding
x-cmp-answers: {}
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: f1db7be7-17fd-41cb-b903-da58e82686db
x-robots-tag: none
x-shardid: 178
x-shopid: 6576821
x-shopify-checkout-version: checkout-classic
x-shopify-stage: production
x-sorting-hat-podid: 178
x-sorting-hat-shopid: 6576821
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f1db7be7-17fd-41cb-b903-da58e82686db

GET
H3

200

Primary Request c54cbeb2e8067870e0aaadb5162ddca8 Show response
www.bajaao.com/6576821/checkouts/
Redirect Chain

https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&cookies_blocked=1&key=06cded62b4fc3841f...
https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo

72 KB
24 KB

1293ms
1293ms

Document
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

187d4c19755d84ba1dd2a4e741a7bfe319d717982748cb50a5afa8e4b9299909

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=bd32ab89-2e85-4fc8-b90c-4605b1214af3
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=bd32ab89-2e85-4fc8-b90c-4605b1214af3

Request headers

Referer: https://www.bajaao.com/6576821/checkouts/4aa533fa92e593ee3cbe4445ee62c226/recover?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&key=06cded62b4fc3841f34d7614b6738b16&no_cookies_from_redirect=1&utm_medium=flow&utm_source=Klaviyo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7434e80029c09954-FRA
content-encoding: br
content-language: en-IN
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=bd32ab89-2e85-4fc8-b90c-4605b1214af3
content-security-policy-report-only: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; child-src c.paypal.com cdn.shopify.com cdn.shopifycdn.net; connect-src 'self' *.shopifycloud.com *.shopifysvc.com payments-eu.amazon.com payments-de.amazon.com payments-uk.amazon.com payments-jp.amazon.com apay-us.amazon.com payments.amazon.com sessions.bugsnag.com analytics.tiktok.com async-px.dynamicyield.com bat.bing.com www.google-analytics.com ct.pinterest.com www.facebook.com graph.facebook.com stats.g.doubleclick.net www.paypal.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.shopify.com cdn.shopifycdn.net cdn.shopifycloud.com app.shopify.com *.shopifycs.com maps.googleapis.com ajax.googleapis.com storage.googleapis.com apis.google.com pay.google.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com www.googleadservices.com www.googletagmanager.com googleads.g.doubleclick.net connect.facebook.net connect.facebook.com static.xx.fbcdn.net www.paypal.com c.paypal.com www.paypalobjects.com sandbox.paypal.com sc-static.net analytics.tiktok.com sf16-muse-va.ibytedtos.com s0.ipstatp.com s16.tiktokcdn.com sf19-scmcdn-va.ibytedtos.com s.pinimg.com api-cdn.amazon.com payments.amazon.com eu.account.amazon.com apac.account.amazon.com payments-de.amazon.com payments-uk.amazon.com payments-jp.amazon.com static-na.payments-amazon.com static-eu.payments-amazon.com static-fe.payments-amazon.com; worker-src 'self' blob:; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=bd32ab89-2e85-4fc8-b90c-4605b1214af3
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:58:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0GvN1pSEcjJZrVQK34IF52be980Q9en6COq1VD%2BJ7m%2BYRmfDAO8xT34%2Bg5eofXKVXyAf%2BvcSIfAKDbpAShTho9X6sDbFG2Gp03D0SY5eU6V7JsQrqn7RgbrD9CMc7H7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=7889238
vary: Accept-Encoding
x-cmp-answers: {}
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: bd32ab89-2e85-4fc8-b90c-4605b1214af3
x-robots-tag: none
x-shardid: 178
x-shopid: 6576821
x-shopify-checkout-version: checkout-classic
x-shopify-stage: canary
x-sorting-hat-podid: 178
x-sorting-hat-shopid: 6576821
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=bd32ab89-2e85-4fc8-b90c-4605b1214af3

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7434e7fd2bd39954-FRA
content-language: en-IN
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=515e5788-cd23-4995-8726-e2668df5db4f
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:58:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfKdJtOMGuFUIug2Q0WkTOmWr4Onaq5cRmSlGAjC4Td7Yk0BMCbe2cJlzZvq1d7onVEy%2FfNeI8kXffQr85KEZeH7uK809%2BgsuilRNIjaQqVaH6h4OiUw5GFwJB%2FvNxAq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=7889238
x-cmp-answers: {}
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 515e5788-cd23-4995-8726-e2668df5db4f
x-robots-tag: none
x-shardid: 178
x-shopid: 6576821
x-shopify-checkout-version: checkout-classic
x-shopify-stage: production
x-sorting-hat-podid: 178
x-sorting-hat-shopid: 6576821
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=515e5788-cd23-4995-8726-e2668df5db4f

GET
H2 200 v2-ltr-2021-01-25-42d1e70d98d99cb292e2d3e89e5a2e31-122572
cdn.shopify.com/app/services/6576821/assets/129697054899/checkout_stylesheet/ 176 KB
36 KB 212ms
171ms Stylesheet
text/css 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/app/services/6576821/assets/129697054899/checkout_stylesheet/v2-ltr-2021-01-25-42d1e70d98d99cb292e2d3e89e5a2e31-122572

Requested by

Host: www.bajaao.com
URL: https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

132b46bd81f4055efc05cd81fa25c3751ed4cdb8485b682eb50f515492e7aec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9gh5EbvP1UyYemnjBxip6pMyPs7KcuespGC7x3xFaCDIexS8UALcA746k6fo5wFCP7f7nO1I%2FEh8v9zL4RBObGbnh1SwN4dmnCxQl%2BRxUIPuxRTNV7Yi2RGdxRMj%2FIHMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=17695.845, imageryFetch;dur=17695.493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 116855bc-20aa-4481-8b60-109a134126e9
timing-allow-origin: *
last-modified: Wed, 31 Aug 2022 07:35:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556952, public
cf-ray: 7434e808884991ff-FRA
link: <https://cdn.shopify.com/app/services/6576821/assets/129697054899/checkout_stylesheet/v2-ltr-2021-01-25-42d1e70d98d99cb292e2d3e89e5a2e31-122572>; rel="canonical"

GET
H2 200 countries-973b5c431bba59e9c82c32423f46993c8b34e657-973b5c431bba59e9c82c32423f46993c8b34e657-0-e1413a830127c0c2806dff1ce9313204d837ef12.js Show response
cdn.shopify.com/app/services/6576821/javascripts/checkout_countries/129697054899/en-IN/ 102 KB
30 KB 2157ms
2116ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/app/services/6576821/javascripts/checkout_countries/129697054899/en-IN/countries-973b5c431bba59e9c82c32423f46993c8b34e657-973b5c431bba59e9c82c32423f46993c8b34e657-0-e1413a830127c0c2806dff1ce9313204d837ef12.js?version=2021-01-25

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d21c1640398cba92014ba67bb875d84f7a6073bb089704a162e0fdf66ed9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bajaao.com/
Origin: https://www.bajaao.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56mOL5tarKUwgzoeGyDdWJxO6hJTX0JyDGkxttPPLJhgQtVsc3NOs%2FMuIZi1G%2FTPnqa4aVlF9mSw7r3q%2FfghO7SMopW7fIdDb8rMdAnHcR5RS%2Fclvhuyl3WtQZAL2xjFzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=1847.298, imageryFetch;dur=1846.934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 72c0092b-44b1-41b1-834b-80dcadae50d4
timing-allow-origin: *
last-modified: Wed, 31 Aug 2022 09:58:14 GMT
server: cloudflare
content-language: en-IN
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7434e8088ba29255-FRA
link: <https://cdn.shopify.com/app/services/6576821/javascripts/checkout_countries/129697054899/en-IN/countries-973b5c431bba59e9c82c32423f46993c8b34e657-973b5c431bba59e9c82c32423f46993c8b34e657-0-e1413a830127c0c2806dff1ce9313204d837ef12.js>; rel="canonical"

GET
H2 200 checkout_2021-01-25-7a7a78da2545996e562ca83694b7890414f20b3848b5398f1b93fac253c894ac.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 1 MB
296 KB 922ms
881ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-7a7a78da2545996e562ca83694b7890414f20b3848b5398f1b93fac253c894ac.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7a78da2545996e562ca83694b7890414f20b3848b5398f1b93fac253c894ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bajaao.com/
Origin: https://www.bajaao.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY8Mqg1RjLnVgsNDIVSe%2BNqZHX%2BxRYxxkim7r6kq5x1OIDHDXrw1knAegfSEwycJazSWS1925aHEA%2BCxxdMQLwAudyRMUyiS7jeCRVeUwXgl0z%2F0Tzy50LA83r0OTRK0ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=46.443, imageryFetch;dur=46.264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f1b0283c-7009-4ee1-bfd9-400e53698273
timing-allow-origin: *
last-modified: Wed, 31 Aug 2022 09:58:13 GMT
server: cloudflare
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 7434e8088ba49255-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-7a7a78da2545996e562ca83694b7890414f20b3848b5398f1b93fac253c894ac.js>; rel="canonical"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
62 KB 71ms
33ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1064972943

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f3249a87afefb48330b8a184d5ff138b49c03a6d9b2acb7c755900e50e05080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62845
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 09:58:14 GMT

GET
H3 200 Black-Bajaao-Logo.png
cdn.shopify.com/s/files/1/0657/6821/files/ 2 KB
3 KB 172ms
136ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0657/6821/files/Black-Bajaao-Logo.png?122572

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7551deffc475eec977b11f0ea73aec43e0dfb4616301527c90d461635ae1cd73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=224.778, imageryFetch;dur=86.885, imageryProcess;dur=137.021;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2544
x-xss-protection: 1; mode=block
x-request-id: 08c08d6d-9d8f-4203-abe2-6109eeb57a3e
timing-allow-origin: *
last-modified: Wed, 31 Aug 2022 07:34:53 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfx9zyC9%2Fy1W%2BQ4U2WPsfUJtZG4m%2Ff1ueiedw6audxA5B0SvcapCdV1dIw3%2F7qK5ROAAEqWeJXHctajm5qH4VEGkKjN4vtWwly9tavpfZvWkR5G%2BYyx0SiSYD5en5X5l7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7434e813ea578fdc-FRA
link: <https://cdn.shopify.com/s/files/1/0657/6821/files/Black-Bajaao-Logo.png>; rel="canonical"

GET
H3 200 payu.png
cdn.shopify.com/s/files/1/0657/6821/files/ 1 KB
2 KB 141ms
140ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0657/6821/files/payu.png?10390875689820888901

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a621100124720a31faaabb82eb8353cd7d746a080d341e498b8dd678b15e843

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: imagery;dur=81.237, imageryFetch;dur=65.819, imageryProcess;dur=14.978;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1242
x-xss-protection: 1; mode=block
x-request-id: 4313572d-78eb-4850-9b4a-9ef215897bd5
timing-allow-origin: *
last-modified: Fri, 26 Aug 2022 03:58:43 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqtDjLZ6yCekkO13XPiMrj5f9QmplXqaqMm%2BClT4uTawbAA3A7xy4dlQsy7hw53Tq027KwgvsY67hrzpYFKNAbTR%2FvTza9LgE8VVywoCFpcDoQ0GAifv0pu112vi9AvKow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7434e814cb508fdc-FRA
link: <https://cdn.shopify.com/s/files/1/0657/6821/files/payu.png>; rel="canonical"

GET
H3 200 ccavanue.png
cdn.shopify.com/s/files/1/0657/6821/files/ 1 KB
2 KB 151ms
151ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0657/6821/files/ccavanue.png?10390875689820888901

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e354e8dc87ee3b49f331b4e62da30375a6762c45e8e276d3fd41794614491be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=72.242, imageryFetch;dur=45.380, imageryProcess;dur=25.965;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1370
x-xss-protection: 1; mode=block
x-request-id: 5fe618e2-6fcb-482a-94c7-04ed8687a141
timing-allow-origin: *
last-modified: Fri, 26 Aug 2022 03:38:08 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xC5XnIsZh%2BfcxNfD5fqdKFJwmAno6D93hRD03s8C3ItNrzQMZuQD8FdD3V3JCzwJRwnIEeoBqYwSgObK0kCsIgIsN938SlHZ5%2F1wD1zpO%2BElt%2BrePcgnmajvN3lsjmBcew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7434e815bc628fdc-FRA
link: <https://cdn.shopify.com/s/files/1/0657/6821/files/ccavanue.png>; rel="canonical"

GET
H3 200 bajaaofinservpayments.jpg
cdn.shopify.com/s/files/1/0657/6821/files/ 3 KB
4 KB 138ms
137ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0657/6821/files/bajaaofinservpayments.jpg?9852098186019968062

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8f38e8030b7e35320940a05fe6f8112a88810b71993cf84646022e6de07933

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: imagery;dur=100.882, imageryFetch;dur=55.959, imageryProcess;dur=44.391;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3074
x-xss-protection: 1; mode=block
x-request-id: a3dab779-1ffd-40a2-b57a-bd3db0d3dbbe
timing-allow-origin: *
last-modified: Thu, 25 Aug 2022 23:26:21 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84pWv%2BN2tfQvPZPDxOadhmyRRd%2B%2FZ8W80gzTNO1vnzIP8k0VltAY8HBCq37bjKUTc55otGq7qG2rnXldyVpOGWAKmH0Vpotsc2AxYl2p8Aa23PWtcF05zHoSj4EhyXBgEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7434e815dc918fdc-FRA
link: <https://cdn.shopify.com/s/files/1/0657/6821/files/bajaaofinservpayments.jpg>; rel="canonical"

GET
H3 200 zest.jpg
cdn.shopify.com/s/files/1/0657/6821/files/ 2 KB
3 KB 132ms
131ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0657/6821/files/zest.jpg?4941

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d300600e0382828f7abe094c9a7a5f4cdd21589eec17a52397c58cdee5ba222

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=140.906, imageryFetch;dur=84.659, imageryProcess;dur=55.539;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2286
x-xss-protection: 1; mode=block
x-request-id: f3161086-e44d-4fbf-863c-3eeeeee3dea9
timing-allow-origin: *
last-modified: Fri, 26 Aug 2022 00:00:27 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuH5AzVxzfD5W3O7sPZEKvnNaPOYBPcoS0wPDuxUZ5r3b32%2BSCcA8IssK02V8ES4mfEoZquYZvOwm2%2F%2F0SboIBp37yEywWn4OmYYfQpZfdHno39Hc68PZ6kguUY1C7Marw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7434e8167d3c8fdc-FRA
link: <https://cdn.shopify.com/s/files/1/0657/6821/files/zest.jpg>; rel="canonical"

GET
H3 200 instacred.jpg
cdn.shopify.com/s/files/1/0657/6821/files/ 2 KB
3 KB 320ms
319ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0657/6821/files/instacred.jpg?4945

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051c9138b1d949fcad3dd853b404a2672c84c54943eaa66b6712cc4692d893f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
server-timing: imagery;dur=119.060, imageryFetch;dur=71.129, imageryProcess;dur=46.533;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2100
x-xss-protection: 1; mode=block
x-request-id: a2a90494-32bf-4632-b849-1d0d3cea67dd
timing-allow-origin: *
last-modified: Wed, 31 Aug 2022 09:58:15 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cb4zSDz%2BsJhXC9kow9JKjL2yGM%2FanRYGx2PYnz5pVjNgzDBX6xBVownjrEMU6yzCFNnQXFs3siS%2FKiBjDW4I%2BucZKmBkfm6qQOCJr53z1HuLa1YQn1hj9HYfc6fcEiD1oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7434e8167d418fdc-FRA
link: <https://cdn.shopify.com/s/files/1/0657/6821/files/instacred.jpg>; rel="canonical"

GET
H3 200 0970110508_d41379e4-6624-4355-97c4-ecfd1469900e_small.jpg
cdn.shopify.com/s/files/1/0657/6821/products/ 2 KB
3 KB 147ms
146ms Image
image/webp 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0657/6821/products/0970110508_d41379e4-6624-4355-97c4-ecfd1469900e_small.jpg?v=1653284030

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db241e3f75f1478195d390d6bf106f8891be228e29c2ae3632ea92dac53288ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: imagery;dur=135.564, imageryFetch;dur=37.495, imageryProcess;dur=96.773;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1948
x-xss-protection: 1; mode=block
x-request-id: 3188569e-cb76-4d68-9a4c-d5160d1911e4
timing-allow-origin: *
last-modified: Tue, 30 Aug 2022 08:33:48 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzH7DWT6q1s%2BWF3zwagCj%2B6gFFx1A4%2B6guHqCtT6LMXQR7JoFqOnYUWAQPwbfYyu1SXGGDcj%2BTNkpbm8mnC4mjkZnQpTl1erHSm9NfKxXqYl8yI7V6%2BvYf%2BqQlVnQyKCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 7434e8167d428fdc-FRA
link: <https://cdn.shopify.com/s/files/1/0657/6821/products/0970110508_d41379e4-6624-4355-97c4-ecfd1469900e_small.jpg>; rel="canonical"

GET
H/1.1 200
OK reorderRates.min.js Show response
parcelintelligence.com.au/cs/js/ 2 KB
1 KB 586ms
103ms Script
application/javascript 167.71.251.199
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://parcelintelligence.com.au/cs/js/reorderRates.min.js
Requested by: Host: www.bajaao.com
URL: https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.71.251.199 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: a.parcelintelligence.com.au
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 50290895b2b9547e1094cf817fac45e289ba4618d36610565eb2e5417c2c2463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:58:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 23:03:18 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "7e7-5c0abcd307980-gzip"
Vary: User-Agent,Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=150
Content-Length: 925

POST
H3 200 csp-report
www.bajaao.com/ 0
677 B 171ms
168ms Other
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bajaao.com/csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=bd32ab89-2e85-4fc8-b90c-4605b1214af3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-shopify-stage: canary
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6576821
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7ZGDX%2B1XBnKT%2Bijjcc7Xq9Rb1leuqr0pWgTTV0sNhHF6dUItrWj0Yfzpib32XqpwkoAVVPauaVIv2J9EzoYQ9Np0xoBEXjTp5QChouvDhO9ATLf8gQp7VMuKL3LZC3H"}],"group":"cf-nel","max_age":604800}
content-type: text/html
x-request-id: 83259df0-ff5b-41d4-bc37-a5580ec68f81
vary: Accept-Encoding
cf-ray: 7434e816ac069954-FRA
x-sorting-hat-podid: 178

GET
H2 200 webengage-min-v-6.0.js Show response
ssl.widgets.webengage.com/js/ 201 KB
60 KB 246ms
42ms Script
application/javascript 2606:4700::6812:1d93

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Requested by: Host: www.bajaao.com
URL: https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d93 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db6d26e1b31c9e3f5cb51e91b63dcaafd885bf86fab1766736a4a245d32c2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 8218
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 12:03:00 GMT
server: cloudflare
etag: W/"62f39e74-324eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-amz-cf-pop: TXL50-P1
cf-ray: 7434e817ffce0204-ZRH
x-amz-cf-id: kpWjy7VbDkcI9bcLnsnHgjPs5aQIAmdVFBmbLiFL7kloQHMxMzRLJQ==
expires: Wed, 31 Aug 2022 09:24:49 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 237ms
53ms Script
text/javascript 142.250.74.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1064972943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 09:58:15 GMT

GET
H3 200 checkbox-tick-66a9a39f70a44a226223ef4c61a701d2d10afaa73ba8846a509fbe58a82f3f36.svg
cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25/ 203 B
955 B 27ms
27ms Image
image/svg+xml 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25/checkbox-tick-66a9a39f70a44a226223ef4c61a701d2d10afaa73ba8846a509fbe58a82f3f36.svg

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/app/services/6576821/assets/129697054899/checkout_stylesheet/v2-ltr-2021-01-25-42d1e70d98d99cb292e2d3e89e5a2e31-122572

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66a9a39f70a44a226223ef4c61a701d2d10afaa73ba8846a509fbe58a82f3f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.shopify.com/app/services/6576821/assets/129697054899/checkout_stylesheet/v2-ltr-2021-01-25-42d1e70d98d99cb292e2d3e89e5a2e31-122572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 471623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5COGkydQZpWKzIqU4netmQRm5najmCMWY80YEQDAh7gWSZs7%2FCaRZ1GYEZAVqCjGgXRSvzWrn1mlfklVqmm%2Bk3srffQIMiTeDuX7ObVrEBvJ0DhfPoimc8nZ6spsQtTh6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=42.952, imageryFetch;dur=41.997, imageryProcess;dur=0.063;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 032feef1-2cdf-412e-bcc8-ebd6a9c5efec
timing-allow-origin: *
last-modified: Thu, 25 Aug 2022 22:57:43 GMT
server: cloudflare
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 7434e816ddc78fdc-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25/checkbox-tick-66a9a39f70a44a226223ef4c61a701d2d10afaa73ba8846a509fbe58a82f3f36.svg>; rel="canonical"

GET
H3 200 trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js Show response
cdn.shopify.com/s/ 78 KB
18 KB 26ms
26ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79bcc635e3bc547b4c6220fef5d2f1cca0d491e779f667b72819b7d5a1caca0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 466391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4PLb%2F06pWez50hgQj9FVOitqJK2Me%2BoqTHgbZZ7ArWbEQut1ND3xWrF1CdamsbA9VvKTt2IwYsWs%2B5LvA8QKht3jqJiQijxdDlbC%2B06DGic76769ZSWVxRWNn5o23nxDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=30.445, imageryFetch;dur=30.298
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b80ed1bd-e4d3-47a9-977e-63927022779f
timing-allow-origin: *
last-modified: Fri, 26 Aug 2022 00:25:03 GMT
server: cloudflare
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 7434e816fde98fdc-FRA
link: <https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js>; rel="canonical"

GET
H3 200 shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
4 KB 46ms
46ms Script
text/javascript 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 459864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmgIvZujIBkZuZ5KupuaB%2F6M9FAhAzg26SdvC3RgulZlkSFBTe%2BJwD7KLopTEZacQYfXrPwPufphNl6Q%2F3FydQQhoCx0DnKaBxEHbRH4BaL65r3VFW5Bb1d5sSBHzEpHuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=22.599, imageryFetch;dur=22.430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 08b69fc1-ba0b-40f7-a067-ccd68aa642c3
timing-allow-origin: *
last-modified: Fri, 26 Aug 2022 02:13:50 GMT
server: cloudflare
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 7434e816fdeb8fdc-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js>; rel="canonical"

POST
H3 200 csp-report
www.bajaao.com/ 0
681 B 174ms
174ms Other
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6576821
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZdpF%2BtSqVLsGY8Q5bnj0MpZsFrphpEyC3WoaGwrT98r24G2NGSRajqGrR77UeynPr0X6vo5x7FvBH54B%2FWpKC34jnrkSrovITSsYSszuAOGJCDpYb0Wx%2BKg0UTMY7pc"}],"group":"cf-nel","max_age":604800}
content-type: text/html
x-request-id: 62ea9128-511c-47b3-9599-b265b07124fa
vary: Accept-Encoding
cf-ray: 7434e8170c7a9954-FRA
x-sorting-hat-podid: 178

GET
H3 200 dialog Show response
www.bajaao.com/6576821/digital_wallets/ Frame 3D84 2 KB
2 KB 216ms
213ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bajaao.com/6576821/digital_wallets/dialog

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-7a7a78da2545996e562ca83694b7890414f20b3848b5398f1b93fac253c894ac.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b04039f5862b0b40ff27505c6d489a5ebedc424d5c18e0b2506cc9dd8cbe176

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *; report-uri /csp-report?source%5Baction%5D=dialog&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=digital_wallets&source%5Bsection%5D=checkout&source%5Buuid%5D=afc8d040-5dc3-4982-8e09-3b6450ac069e
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=dialog&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=digital_wallets&source%5Bsection%5D=checkout&source%5Buuid%5D=afc8d040-5dc3-4982-8e09-3b6450ac069e

Request headers

Referer: https://www.bajaao.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7434e817edde9954-FRA
content-encoding: br
content-security-policy: frame-ancestors *; report-uri /csp-report?source%5Baction%5D=dialog&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=digital_wallets&source%5Bsection%5D=checkout&source%5Buuid%5D=afc8d040-5dc3-4982-8e09-3b6450ac069e
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:58:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQVwfE1OEH4fSPQI8KLKujA5PnCfN6GWYUkkAeney7xzUKIvsDQRvtfc4MshnyNPP1jsPDWDaYgQy98SSSSMCMjUGP3YDr0qZjiOk1UD3ljHBD4Z%2B%2Bb%2F9oUqZtoDw5oz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=7889238
vary: Accept-Encoding
x-cmp-answers: {}
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: afc8d040-5dc3-4982-8e09-3b6450ac069e
x-shardid: 178
x-shopid: 6576821
x-shopify-stage: production
x-sorting-hat-podid: 178
x-sorting-hat-shopid: 6576821
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=dialog&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=digital_wallets&source%5Bsection%5D=checkout&source%5Buuid%5D=afc8d040-5dc3-4982-8e09-3b6450ac069e

GET
H2 200 autocomplete_service Show response
checkout.shopify.com/6576821/sandbox/ Frame 9DF6 2 KB
3 KB 327ms
216ms Document
text/html 23.227.38.33

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.shopify.com/6576821/sandbox/autocomplete_service?locale=en-IN

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-7a7a78da2545996e562ca83694b7890414f20b3848b5398f1b93fac253c894ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ae018aa6e7032faedfd8b7a438f2ed194e8d313c1839818bf44447b42eadc7fa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=autocomplete_service&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=b48302b4-6e14-4ddb-bfa3-9a9073fd0053
Strict-Transport-Security	max-age=315569520; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=autocomplete_service&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=b48302b4-6e14-4ddb-bfa3-9a9073fd0053

Request headers

Referer: https://www.bajaao.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7434e8189f875c5c-FRA
content-encoding: br
content-language: en-IN
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=autocomplete_service&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=b48302b4-6e14-4ddb-bfa3-9a9073fd0053
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 09:58:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McIdcOLFLWA5IP3CBTQq2uRm%2B6zpK%2BCqD1F1JSLPKVbauPhvFIrXU%2B5zuPFku%2FJcmU0DDOyP3mQbePle76Tks7jYWUrQfq%2FQ7e27X1AqaQU8JiZQhDvb3MeFvXSRqff1ZHiMsUgI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=315569520; includeSubdomains
vary: Accept-Encoding
x-cmp-answers: {}
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: b48302b4-6e14-4ddb-bfa3-9a9073fd0053
x-robots-tag: none
x-shardid: 178
x-shopid: 6576821
x-shopify-stage: production
x-sorting-hat-podid: 178
x-sorting-hat-shopid: 6576821
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=autocomplete_service&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=b48302b4-6e14-4ddb-bfa3-9a9073fd0053

GET
H3 200 cart.json Show response
www.bajaao.com/ 283 B
2 KB 178ms
178ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bajaao.com/cart.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-7a7a78da2545996e562ca83694b7890414f20b3848b5398f1b93fac253c894ac.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

613bf268c1a22687232e6bdacabbf81dd04fa9f624e2affa969758e4c806d0eb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bajaao.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west3,us-central1,gcp-us-central1
x-shopify-stage: production
content-type: application/json; charset=utf-8
server-timing: processing;dur=28, db;dur=9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6576821
x-shardid: 178
x-storefront-renderer-rendered: 1
server: cloudflare
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zc3d5szhtZAfTGyKN9q1hbvRd%2FSVMGXZwutA4VFwoEQ4XG%2B7FCr0OWCcT3bVDc%2BTNQDTP7trs%2BvmiM%2BisQ%2FmppEoPHaV%2FmU5NQZadVHfIn2AZE7v8A6TFdbaqSBLJbm%2F"}],"group":"cf-nel","max_age":604800}
x-shopid: 6576821
x-request-id: 54c48969-4297-44bd-88e0-6c29a2dafacb
x-download-options: noopen
vary: Accept-Encoding, Accept
content-security-policy: block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
cf-ray: 7434e8178d4d9954-FRA
x-sorting-hat-podid: 178
x-cartjs-updatedat: 0

POST
H3 200 csp-report
www.bajaao.com/ Frame 84E6 0
0 192ms
157ms Other
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bajaao.com/csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=bd32ab89-2e85-4fc8-b90c-4605b1214af3
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 widget.js Show response
widget.privy.com/assets/ Frame 84E6 320 KB
98 KB 111ms
44ms Script
application/javascript 2606:4700:10::ac43:246a

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.privy.com/assets/widget.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:246a -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

873782432e1d0873b7205728bc0e77b83db5a4bf87ce791bba31fc3e808dc01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
via: 1.1 vegur, 1.1 d96c6a517450b169095d23aff6d646a4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 813
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 00:26:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-pop: LHR3-C2
cf-ray: 7434e8181c5301fc-ZRH
x-amz-cf-id: eMxPVwlQJXS_k_9KAehZ8wWI3SsHezKNMv3VPGnEi9gIoBv1BwfqRw==

POST
H3 200 csp-report
www.bajaao.com/ 0
681 B 173ms
170ms Other
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6576821
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MthCXe%2BZT9BZd3o%2FWjcHVhNpqjXc2f7Fn8m440p466qN2hlMrwFWKaQJ5w2Itczko9%2B5AGxQ0ogzbdpYolkdNo6YyaPBHbmCytk4jsKDFB2%2F9Ax0BYk81pKjncxLzXFM"}],"group":"cf-nel","max_age":604800}
content-type: text/html
x-request-id: 2d338b57-b847-42a1-9e65-fd5d3ba21166
vary: Accept-Encoding
cf-ray: 7434e817ede49954-FRA
x-sorting-hat-podid: 178

POST
H3 200 csp-report
www.bajaao.com/ 0
686 B 166ms
164ms Other
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6576821
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2By6LN814K009Y2Ui%2FUdg6dStBqKR2bZkdCaEzKb1%2F59uWtlD0%2Fxf%2FjgX3nX5TWeAcXfrEeiLdXW9j%2BJty%2FP1ipYhkghxRj6%2BXudePW4wijJpO2cXopOznisBTfBYecI"}],"group":"cf-nel","max_age":604800}
content-type: text/html
x-request-id: bb1f9661-2ce0-49b4-9a30-cd507f9d300c
vary: Accept-Encoding
cf-ray: 7434e817ede69954-FRA
x-sorting-hat-podid: 178

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
322 B 264ms
176ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: fe12fc3f-27ef-404e-98e0-baad6d271b43
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQqsPM%2BCL2agsRet6e1xNkJaMPSQnDlWmDm%2B7kF1ZPojOGRBQt0MFPHgy3tlR16bIotjKJRiX2aL45MtLNB%2F%2F0Ln%2FC%2FHbKl9DeTVNNyrf6hVqXSGkukFiFbvuyAqg5JCbwOv3O4%2BqBZzyLrhmEo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.bajaao.com
access-control-allow-credentials: true
cf-ray: 7434e8187ad79bfb-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 56ms
19ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26683
x-xss-protection: 0
pragma: public
x-fb-debug: SHT4d5bpBq+9hqiajr/b2AxT+XXAT1uB8Kjoc9EyvdRqpUXb+EOYpOjfVAbMAZM17RQ/VpM/IH6xCx+DNDTyAg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 31 Aug 2022 09:58:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3375
date: Wed, 31 Aug 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 31 Aug 2022 11:02:00 GMT

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
297 B 204ms
139ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 08d8e83b-16bd-4c5d-a8a9-1f7b2f17661b
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1c0RctZ0eeged4oOYMxX9C35eRawNA9t6lKc%2B8JF%2BPVWd00%2FGXkRgAdahuA2Wt45agElEhg%2FsUhpE139S7n%2FIzCBaUdKBop36vs%2FRsyHboIidoS3vQ6PMrFAx8Fn7aTQ7n7yvsHK6R3JrF0YWCw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.bajaao.com
access-control-allow-credentials: true
cf-ray: 7434e8187ada9bfb-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
298 B 193ms
132ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 12e7260b-4493-4c30-a519-fa720a3460e6
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr1qn6kFqt%2FOwVjZ8i3vfDvhrTpSabcrldRPc2b9vWVUoKBqG5V5hJLKEUYVYi2Oux%2Beb%2FsIlldgaYR9F3DpytMNI1pFyLo9oNC4y9dEa3sydw1l7AUBmhmpdzSGbY0y6BgBevJOR0vN2y%2Fma74%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.bajaao.com
access-control-allow-credentials: true
cf-ray: 7434e8187adc9bfb-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
924 B 186ms
132ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 4cd70acb-f734-40e2-a0cc-a40af22e8d47
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwsB11r8dQBRvwpg%2B9SIZJ4GHIt9U2LCgelfHRsnq7SPsnvW6kUqnS8X%2FXHgTEW%2BoF9YLBvO0P9pI95eNIjNzlNi0Kx3Bc9FYepJNHfpYpEpvC3F3da4KxxHe4ae1HNLKaaiyp99GXDEk%2B4zKS8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.bajaao.com
access-control-allow-credentials: true
cf-ray: 7434e8187ade9bfb-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
300 B 193ms
139ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 682b328c-951d-4f55-ae4b-3a5e6fd9bef3
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DO%2F7ROxYN%2B%2BBeF%2FnMmWh0NHofBPYHmyM1oMJ5HxNHaEQZPyMg7HP2PvdJfUMb9I%2FKf19ziBu7hEiByQ89VwBfV9dD9We3i5Y4c4qp5aDprycCe9wiJYbDL%2FGAigtuDxdW40mZ8EIMKl46oVBIA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.bajaao.com
access-control-allow-credentials: true
cf-ray: 7434e8188afb9bfb-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H2 200 storage-frame-1.18.htm Show response
76aa7a5.webengage.co/ Frame E70B 3 KB
2 KB 97ms
18ms Document
text/html 2600:9000:223d:da00:8:cf94:88c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://76aa7a5.webengage.co/storage-frame-1.18.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=76aa7a5
Requested by: Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:da00:8:cf94:88c0:93a1 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 16c8ad014e255e48470f6856e3ac20f6050865f72e971417501057d4aeaddd98

Request headers

Referer: https://www.bajaao.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 3598
cache-control: max-age=14400
content-encoding: gzip
content-type: text/html
date: Wed, 31 Aug 2022 08:58:17 GMT
etag: W/"60b76f62-d60"
expires: Wed, 31 Aug 2022 12:58:17 GMT
last-modified: Wed, 02 Jun 2021 11:45:38 GMT
server: nginx/1.18.0
vary: Accept-Encoding
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-amz-cf-id: GtOTROmF-3ulC8CB7anDayi9fNSS0vVQkB0t_DmyUFIp7lar_2gq4w==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront

POST
H3 200 csp-report
www.bajaao.com/ 0
683 B 174ms
174ms Other
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west3,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 6576821
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEASasdfis919tAUBzneFyAEtuvDRN97%2BlpQhYIWI9bF7zoNehrJLSCxPxXqlzEIGBsRkGYoH37XSJ%2FtcNTXUX6yAIlFkgYJX%2F3goXmOhwe%2FES6POGLLHbLX19oBm6ZT"}],"group":"cf-nel","max_age":604800}
content-type: text/html
x-request-id: 1b5b61d1-945a-4ba6-a532-8cea04c9e712
vary: Accept-Encoding
cf-ray: 7434e8188f049954-FRA
x-sorting-hat-podid: 178

GET
H3 200 420808921427344 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 76ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/420808921427344?v=2.9.78&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

494c4ee555ccff9a485d6564a895361b4c65cb9b18e52a034fdf6ea78ca12da5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: OlRnVmNg00FxWcRhAmiuit1rBiDtCtQ6bJteEUPZgfw8Ys78Qh7/sAHHGzMQkoYCqd35StTQJGCL6LS5ltjWwA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 31 Aug 2022 09:58:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 53ms
17ms Script
text/javascript 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 31 Aug 2022 10:07:23 GMT

GET
H3 404 js
www.google-analytics.com/gtm/ 0
0 53ms
27ms Script
text/html 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/gtm/js?id=GTM-WFXMF42&cid=1566828401.1661939895
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
295 B 177ms
172ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.b4cc929cccb656f473260f71b40c19ca40940b43.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: dc6eae43-e6f7-40c1-818a-6fe60c33300b
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sx3ll2On2WvNKvlwuxy8j3dncMGQed0Xbgf7EPE9D0F2yXdT%2FIujS69BgWBZgEqf3CTub%2BJjC8MIwQatt2d6Mbkj7%2F6z7aY7JmcanafVrXI3ceoFBzaCmWCLqMeagF0rbHGUsYX2m25ECRn5VFI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.bajaao.com
access-control-allow-credentials: true
cf-ray: 7434e8190bec9bfb-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 102ms
37ms XHR
text/plain 2a00:1450:400c:c06::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-526320-1&cid=1566828401.1661939895&jid=987814975&gjid=1205418244&_gid=1524549241.1661939895&_u=aGBAgEILRAAAAE~&z=1775389481

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bajaao.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 09:58:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.bajaao.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2138956017&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bajaao.com%2F6576821%2Fcheckouts%2Fc54cbeb2e8067870e0aaadb5162ddca8%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26utm_medium%3Dflow%26utm_source%3DKlaviyo&dp=%2Fcheckout%2Fcontact_information%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26utm_medium%3Dflow%26utm_source%3DKlaviyo&ul=en-us&de=UTF-8&dt=Checkout%20-%20Contact%20information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEILR~&jid=987814975&gjid=1205418244&cid=1566828401.1661939895&tid=UA-526320-1&_gid=1524549241.1661939895&did=BwiEti&z=1593489897

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 19:24:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52434
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
16ms Image
image/gif 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2138956017&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.bajaao.com%2F6576821%2Fcheckouts%2Fc54cbeb2e8067870e0aaadb5162ddca8%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26utm_medium%3Dflow%26utm_source%3DKlaviyo&dp=%2Fcheckout%2Fcontact_information%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26utm_medium%3Dflow%26utm_source%3DKlaviyo&ul=en-us&de=UTF-8&dt=Checkout%20-%20Contact%20information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Checkout%20-%20Contact%20information%20Page&ev=0&_u=aGBAgEILRAAAAE~&jid=&gjid=&cid=1566828401.1661939895&tid=UA-526320-1&_gid=1524549241.1661939895&did=BwiEti&z=244689938

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 19:24:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52434
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2138956017&t=event&ni=1&cu=INR&_s=3&dl=https%3A%2F%2Fwww.bajaao.com%2F6576821%2Fcheckouts%2Fc54cbeb2e8067870e0aaadb5162ddca8%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26utm_medium%3Dflow%26utm_source%3DKlaviyo&dp=%2Fcheckout%2Fcontact_information%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26utm_medium%3Dflow%26utm_source%3DKlaviyo&ul=en-us&de=UTF-8&dt=Checkout%20-%20Contact%20information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EnhancedEcommerce&ea=Started%20Order&_u=aGBAgEILRAAAAE~&jid=&gjid=&cid=1566828401.1661939895&tid=UA-526320-1&_gid=1524549241.1661939895&did=BwiEti&cos=1&pa=checkout&pr1id=FEN-0970110532&pr1nm=Fender%20CD%2060%20Dread%20V3%20DS%206%20String%20Acoustic%20Guitar%20-%20Single%20%2F%20Sunburst&pr1ca=Acoustic%20Guitars&pr1qt=1&pr1pr=11040.00&pr1br=Fender&pr1va=Single%20%2F%20Sunburst&z=195537276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Aug 2022 19:24:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52434
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
0

GET v4.js
wsdk-files.webengage.com/webengage/76aa7a5/ Frame E70B 0
0

GET main-4faf59e779be638d9071363d1695f5fe9946ffbf8d369b2479d545f3273a73fe.css
cdn.shopify.com/shopifycloud/shopify/assets/digital_wallets/ Frame 3D84 0
0

GET scripts-55e24e81109830a47f72041bb443c652a16942be0f215221025c032aa681561b.js
cdn.shopify.com/shopifycloud/shopify/assets/services/digital_wallets/ Frame 3D84 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 90ms
29ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=420808921427344&ev=PageView&dl=https%3A%2F%2Fwww.bajaao.com%2F6576821%2Fcheckouts%2Fc54cbeb2e8067870e0aaadb5162ddca8%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26utm_medium%3Dflow%26utm_source%3DKlaviyo&rl=https%3A%2F%2Fwww.bajaao.com%2F6576821%2Fcheckouts%2F4aa533fa92e593ee3cbe4445ee62c226%2Frecover%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26key%3D06cded62b4fc3841f34d7614b6738b16%26no_cookies_from_redirect%3D1%26utm_medium%3Dflow%26utm_source%3DKlaviyo&if=false&ts=1661939895274&sw=1600&sh=1200&v=2.9.78&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1661939895271.1075712585&it=1661939895127&coo=false&eid=f3565bc9-7836-4F61-8070-C27777CA3FE2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 31 Aug 2022 09:58:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 89ms
29ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=420808921427344&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.bajaao.com%2F6576821%2Fcheckouts%2Fc54cbeb2e8067870e0aaadb5162ddca8%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26utm_medium%3Dflow%26utm_source%3DKlaviyo&rl=https%3A%2F%2Fwww.bajaao.com%2F6576821%2Fcheckouts%2F4aa533fa92e593ee3cbe4445ee62c226%2Frecover%3F_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz%26key%3D06cded62b4fc3841f34d7614b6738b16%26no_cookies_from_redirect%3D1%26utm_medium%3Dflow%26utm_source%3DKlaviyo&if=false&ts=1661939895276&cd[content_ids]=%5B3963070349384%5D&cd[content_type]=product_group&cd[currency]=INR&cd[value]=11040.00&cd[num_items]=1&sw=1600&sh=1200&v=2.9.78&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1661939895271.1075712585&it=1661939895127&coo=false&eid=f3565bdf-D0BE-4756-DB9A-F4677FAE13BF&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bajaao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:58:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 31 Aug 2022 09:58:15 GMT

GET ga-audiences
www.google.com/ads/ 0
0

GET ga-audiences
www.google.de/ads/ 0
0

GET sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js
cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/ Frame 9DF6 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: monorail-edge.shopifysvc.com
URL: https://monorail-edge.shopifysvc.com/unstable/produce_batch

Domain: wsdk-files.webengage.com
URL: https://wsdk-files.webengage.com/webengage/76aa7a5/v4.js

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/digital_wallets/main-4faf59e779be638d9071363d1695f5fe9946ffbf8d369b2479d545f3273a73fe.css

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/services/digital_wallets/scripts-55e24e81109830a47f72041bb443c652a16942be0f215221025c032aa681561b.js

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-526320-1&cid=1566828401.1661939895&jid=987814975&_u=aGBAgEILRAAAAE~&z=474691428

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-526320-1&cid=1566828401.1661939895&jid=987814975&_u=aGBAgEILRAAAAE~&z=474691428

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8	1970-01-20 06:09:14	Name: checkout Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVU0TVRjeE1HVTJNVFJqTkdRMk1URXlNVE13WVdRek1tRXhZakU1TjJNellnWTZCa1ZVIiwiZXhwIjoiMjAyMi0wOS0yMVQwOTo1ODoxMS40MjRaIiwicHVyIjoiY29va2llLmNoZWNrb3V0In19--1389b5ff5ef03769f4d89d9ecabcf08fd3e9b464
www.bajaao.com/6576821	1970-01-20 14:24:35	Name: checkout_token Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVZqTlRSalltVmlNbVU0TURZM09EY3daVEJoWVdGa1lqVXhOakprWkdOaE9BWTZCa1ZVIiwiZXhwIjoiMjAyMy0wOC0zMVQwOTo1ODoxMS40MjRaIiwicHVyIjoiY29va2llLmNoZWNrb3V0X3Rva2VuIn19--ebcf9980759339d99e6309e155428710ca8365d7
www.bajaao.com/6576821	1970-01-20 14:24:35	Name: tracked_start_checkout Value: c54cbeb2e8067870e0aaadb5162ddca8
.bajaao.com/	1970-01-20 05:59:09	Name: _orig_referrer Value:
.bajaao.com/	1970-01-20 05:59:09	Name: _landing_page Value: %2F6576821%2Fcheckouts%2F4aa533fa92e593ee3cbe4445ee62c226%2Frecover%3Fkey%3D06cded62b4fc3841f34d7614b6738b16%26utm_source%3DKlaviyo%26utm_medium%3Dflow%26_kx%3DawwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz
.bajaao.com/	1970-01-20 14:24:35	Name: _y Value: 948347e5-8d78-4b1a-9ab9-e148c63fda72
.bajaao.com/	1970-01-20 05:39:01	Name: _s Value: 273f6e53-1419-46bb-975a-7116adffbb90
.bajaao.com/	1970-01-20 14:24:35	Name: _shopify_y Value: 948347e5-8d78-4b1a-9ab9-e148c63fda72
.bajaao.com/	1970-01-20 05:39:01	Name: _shopify_s Value: 273f6e53-1419-46bb-975a-7116adffbb90
www.bajaao.com/	1970-01-20 05:38:59	Name: test_cookie Value:
www.bajaao.com/	1970-01-20 05:39:03	Name: _checkout_queue_token Value: Ah0HmS87GckRAJEpp9_uyMLEW67HU-GPos65Z2V22lUmWMd-uNH7V_e9pE22tVET7zvwHE7JMF2esjuJgUS_fq0yohj7VJ2cd9q2PJOCSchLqc6dT84LH2do0Rq0rQZuWmQBaHMquslik75QJ8xDbDOcEH-EFuAFPYoEMeua
www.bajaao.com/	1970-01-20 05:39:03	Name: _checkout_queue_checkout_token Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVZqTlRSalltVmlNbVU0TURZM09EY3daVEJoWVdGa1lqVXhOakprWkdOaE9BWTZCa1ZVIiwiZXhwIjoiMjAyMi0wOC0zMVQxMDo1ODoxMS4xMTVaIiwicHVyIjoiY29va2llLl9jaGVja291dF9xdWV1ZV9jaGVja291dF90b2tlbiJ9fQ%3D%3D--33a059e467adb41a842b26883d4363fb9173407c
www.bajaao.com/	1970-01-20 05:40:26	Name: _secure_session_id Value: a8ffbd2fb379ec726c9d7964078a3865

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo(Line 155) Message: [Report Only] Refused to load the script 'https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.shopify.com cdn.shopifycdn.net cdn.shopifycloud.com app.shopify.com *.shopifycs.com maps.googleapis.com ajax.googleapis.com storage.googleapis.com apis.google.com pay.google.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com www.googleadservices.com www.googletagmanager.com googleads.g.doubleclick.net connect.facebook.net connect.facebook.com static.xx.fbcdn.net www.paypal.com c.paypal.com www.paypalobjects.com sandbox.paypal.com sc-static.net analytics.tiktok.com sf16-muse-va.ibytedtos.com s0.ipstatp.com s16.tiktokcdn.com sf19-scmcdn-va.ibytedtos.com s.pinimg.com api-cdn.amazon.com payments.amazon.com eu.account.amazon.com apac.account.amazon.com payments-de.amazon.com payments-uk.amazon.com payments-jp.amazon.com static-na.payments-amazon.com static-eu.payments-amazon.com static-fe.payments-amazon.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.bajaao.com/6576821/checkouts/c54cbeb2e8067870e0aaadb5162ddca8?_kx=awwHeLsKkY01NUZpWW3rLsQeiNCeUY6QvixBpEu4ddy46UUbZ8819u7xxvcmrcHn.mz2fTz&utm_medium=flow&utm_source=Klaviyo Message: [Report Only] Refused to load the script 'https://parcelintelligence.com.au/cs/js/reorderRates.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.shopify.com cdn.shopifycdn.net cdn.shopifycloud.com app.shopify.com *.shopifycs.com maps.googleapis.com ajax.googleapis.com storage.googleapis.com apis.google.com pay.google.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com www.googleadservices.com www.googletagmanager.com googleads.g.doubleclick.net connect.facebook.net connect.facebook.com static.xx.fbcdn.net www.paypal.com c.paypal.com www.paypalobjects.com sandbox.paypal.com sc-static.net analytics.tiktok.com sf16-muse-va.ibytedtos.com s0.ipstatp.com s16.tiktokcdn.com sf19-scmcdn-va.ibytedtos.com s.pinimg.com api-cdn.amazon.com payments.amazon.com eu.account.amazon.com apac.account.amazon.com payments-de.amazon.com payments-uk.amazon.com payments-jp.amazon.com static-na.payments-amazon.com static-eu.payments-amazon.com static-fe.payments-amazon.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: about:srcdoc(Line 16) Message: [Report Only] Refused to load the script 'https://widget.privy.com/assets/widget.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.shopify.com cdn.shopifycdn.net cdn.shopifycloud.com app.shopify.com *.shopifycs.com maps.googleapis.com ajax.googleapis.com storage.googleapis.com apis.google.com pay.google.com www.google-analytics.com ssl.google-analytics.com www.gstatic.com www.googleadservices.com www.googletagmanager.com googleads.g.doubleclick.net connect.facebook.net connect.facebook.com static.xx.fbcdn.net www.paypal.com c.paypal.com www.paypalobjects.com sandbox.paypal.com sc-static.net analytics.tiktok.com sf16-muse-va.ibytedtos.com s0.ipstatp.com s16.tiktokcdn.com sf19-scmcdn-va.ibytedtos.com s.pinimg.com api-cdn.amazon.com payments.amazon.com eu.account.amazon.com apac.account.amazon.com payments-de.amazon.com payments-uk.amazon.com payments-jp.amazon.com static-na.payments-amazon.com static-eu.payments-amazon.com static-fe.payments-amazon.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://cdn.shopify.com/ Message: [Report Only] Refused to frame 'https://www.bajaao.com/6576821/digital_wallets/dialog' because it violates the following Content Security Policy directive: "child-src c.paypal.com cdn.shopify.com cdn.shopifycdn.net". Note that 'frame-src' was not explicitly set, so 'child-src' is used as a fallback.
security	error	URL: https://cdn.shopify.com/ Message: [Report Only] Refused to frame 'https://checkout.shopify.com/' because it violates the following Content Security Policy directive: "child-src c.paypal.com cdn.shopify.com cdn.shopifycdn.net". Note that 'frame-src' was not explicitly set, so 'child-src' is used as a fallback.
security	error	URL: https://ssl.widgets.webengage.com/ Message: [Report Only] Refused to frame 'https://76aa7a5.webengage.co/' because it violates the following Content Security Policy directive: "child-src c.paypal.com cdn.shopify.com cdn.shopifycdn.net". Note that 'frame-src' was not explicitly set, so 'child-src' is used as a fallback.
network	error	URL: https://www.google-analytics.com/gtm/js?id=GTM-WFXMF42&cid=1566828401.1661939895 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://ssl.widgets.webengage.com/ Message: [Report Only] Refused to frame 'https://76aa7a5.webengage.co/' because it violates the following Content Security Policy directive: "child-src c.paypal.com cdn.shopify.com cdn.shopifycdn.net". Note that 'frame-src' was not explicitly set, so 'child-src' is used as a fallback.
security	error	URL: https://cdn.shopify.com/ Message: [Report Only] Refused to frame 'https://www.bajaao.com/6576821/digital_wallets/dialog' because it violates the following Content Security Policy directive: "child-src c.paypal.com cdn.shopify.com cdn.shopifycdn.net". Note that 'frame-src' was not explicitly set, so 'child-src' is used as a fallback.
security	error	URL: https://cdn.shopify.com/ Message: [Report Only] Refused to frame 'https://checkout.shopify.com/' because it violates the following Content Security Policy directive: "child-src c.paypal.com cdn.shopify.com cdn.shopifycdn.net". Note that 'frame-src' was not explicitly set, so 'child-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f79eb856-30a5-4fae-841d-582e834a9e52
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/xss-report?source%5Baction%5D=recover&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fcheckouts&source%5Bsection%5D=checkout&source%5Bshop_id%5D=6576821&source%5Buuid%5D=f79eb856-30a5-4fae-841d-582e834a9e52

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

76aa7a5.webengage.co
cdn.shopify.com
checkout.shopify.com
connect.facebook.net
monorail-edge.shopifysvc.com
parcelintelligence.com.au
ssl.widgets.webengage.com
stats.g.doubleclick.net
trk.klclick.com
widget.privy.com
wsdk-files.webengage.com
www.bajaao.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
cdn.shopify.com
monorail-edge.shopifysvc.com
wsdk-files.webengage.com
www.google.com
www.google.de
104.16.255.71
142.250.74.194
167.71.251.199
23.227.38.33
23.227.38.74
2600:9000:223c:8a00:14:c8fd:7700:93a1
2600:9000:223d:da00:8:cf94:88c0:93a1
2606:4700:10::ac43:246a
2606:4700::6812:1d93
2a00:1450:4001:80e::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0d8f38e8030b7e35320940a05fe6f8112a88810b71993cf84646022e6de07933
132b46bd81f4055efc05cd81fa25c3751ed4cdb8485b682eb50f515492e7aec1
16c8ad014e255e48470f6856e3ac20f6050865f72e971417501057d4aeaddd98
187d4c19755d84ba1dd2a4e741a7bfe319d717982748cb50a5afa8e4b9299909
2051c9138b1d949fcad3dd853b404a2672c84c54943eaa66b6712cc4692d893f
2db6d26e1b31c9e3f5cb51e91b63dcaafd885bf86fab1766736a4a245d32c2f3
494c4ee555ccff9a485d6564a895361b4c65cb9b18e52a034fdf6ea78ca12da5
50290895b2b9547e1094cf817fac45e289ba4618d36610565eb2e5417c2c2463
5b04039f5862b0b40ff27505c6d489a5ebedc424d5c18e0b2506cc9dd8cbe176
613bf268c1a22687232e6bdacabbf81dd04fa9f624e2affa969758e4c806d0eb
65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f
66a9a39f70a44a226223ef4c61a701d2d10afaa73ba8846a509fbe58a82f3f36
74d21c1640398cba92014ba67bb875d84f7a6073bb089704a162e0fdf66ed9b6
7551deffc475eec977b11f0ea73aec43e0dfb4616301527c90d461635ae1cd73
79bcc635e3bc547b4c6220fef5d2f1cca0d491e779f667b72819b7d5a1caca0a
7a621100124720a31faaabb82eb8353cd7d746a080d341e498b8dd678b15e843
7a7a78da2545996e562ca83694b7890414f20b3848b5398f1b93fac253c894ac
7adfc3eb74a44738299fa1e50012e53435d22595b6ead8efa25f73954362f637
7d300600e0382828f7abe094c9a7a5f4cdd21589eec17a52397c58cdee5ba222
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873782432e1d0873b7205728bc0e77b83db5a4bf87ce791bba31fc3e808dc01c
9f3249a87afefb48330b8a184d5ff138b49c03a6d9b2acb7c755900e50e05080
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ae018aa6e7032faedfd8b7a438f2ed194e8d313c1839818bf44447b42eadc7fa
db241e3f75f1478195d390d6bf106f8891be228e29c2ae3632ea92dac53288ae
e354e8dc87ee3b49f331b4e62da30375a6762c45e8e276d3fd41794614491be5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c

www.bajaao.com Open in urlscan Pro 23.227.38.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

87 %HTTPS

64 %IPv6

16 Domains

18 Subdomains

14 IPs

4 Countries

816 kBTransfer

2981 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bajaao.com Open in urlscan Pro
23.227.38.74 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

87 %
HTTPS

64 %
IPv6

16
Domains

18
Subdomains

14
IPs

4
Countries

816 kB
Transfer

2981 kB
Size

13
Cookies

55 HTTP transactions
0 data transactions