urlscan.io logo urlscan.io
SecurityTrails logo

www.feastogether.com.tw Open in urlscan Pro
34.107.129.211  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.feastogether.com.tw/
Submission: On November 22 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 34.107.129.211, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.feastogether.com.tw.
This is the only time www.feastogether.com.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    34.107.129.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.129.107.34.bc.googleusercontent.com
www.feastogether.com.tw
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
Apex Domain
Subdomains		 Transfer
11 feastogether.com.tw
www.feastogether.com.tw
3 MB
3 gstatic.com
fonts.gstatic.com
84 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
313 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
storage.googleapis.com — Cisco Umbrella Rank: 409
330 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
87 KB
25 5
Domain Requested by
11 www.feastogether.com.tw www.feastogether.com.tw
3 fonts.gstatic.com fonts.googleapis.com
2 region1.google-analytics.com www.googletagmanager.com
1 storage.googleapis.com www.feastogether.com.tw
1 www.googletagmanager.com www.feastogether.com.tw
1 fonts.googleapis.com www.feastogether.com.tw
25 6

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.feastogether.com.tw
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.feastogether.com.tw/
Frame ID: 89159335EBBB08E3D99CB6FF749893A5
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

饗賓餐旅訂位系統

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

25
Requests

72 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

3797 kB
Transfer

4802 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.feastogether.com.tw/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.feastogether.com.tw/
Protocol
HTTP/1.1
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f6da7a8e1fae1c398c8b6c77662031847886b0f6d03c3d699f06220acfc0d959
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.feastogether.com.tw
Cache-Control
public, max-age=0
Content-Length
3780
Content-Security-Policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Nov 2023 02:01:13 GMT
ETag
W/"ec4-18bf0034cb0"
Last-Modified
Tue, 21 Nov 2023 03:53:50 GMT
Vary
Origin
Via
1.1 google
X-Frame-Options
DENY
css2
fonts.googleapis.com/ 		1 MB
328 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Didact+Gothic&family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@400;500;600;700&display=swap
Requested by
Host: www.feastogether.com.tw
URL: http://www.feastogether.com.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b476b17857ba22dd2e16176891c9a24ea7849f4aaaf0b4ee268ff7250069d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 02:01:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 02:01:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 02:01:13 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9PQXQP3QD6
Requested by
Host: www.feastogether.com.tw
URL: http://www.feastogether.com.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67b883bc736abddb1952d58117614dc0dcdddb6aaafc0e74f6abf451056ec1c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 02:01:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88269
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 02:01:13 GMT
2.27e9aafe.chunk.css
www.feastogether.com.tw/static/css/ 		18 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/static/css/2.27e9aafe.chunk.css
Requested by
Host: www.feastogether.com.tw
URL: http://www.feastogether.com.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
402b9c76ce9c6ba6f24cf5646751dff1adb790c25a202fca69e4d03dda6456e1
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:13 GMT
via
1.1 google
last-modified
Tue, 21 Nov 2023 03:53:50 GMT
etag
W/"467c-18bf0034cb0"
x-frame-options
DENY
vary
Origin
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://www.feastogether.com.tw
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18044
2.57892f05.chunk.js
www.feastogether.com.tw/static/js/ 		2 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/static/js/2.57892f05.chunk.js
Requested by
Host: www.feastogether.com.tw
URL: http://www.feastogether.com.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e4756e47d4fcf6e19f7ed1a21363806adb315ccfa5bcf32a62d61480d1a99010
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:13 GMT
via
1.1 google
last-modified
Tue, 21 Nov 2023 03:53:50 GMT
etag
W/"27e9bd-18bf0034cb0"
x-frame-options
DENY
vary
Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.feastogether.com.tw
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2615741
main.60e58f6e.chunk.js
www.feastogether.com.tw/static/js/ 		692 KB
696 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/static/js/main.60e58f6e.chunk.js
Requested by
Host: www.feastogether.com.tw
URL: http://www.feastogether.com.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
1597ed833273cc6daf2c9d072a51990a77883c9fb4d640d0e82e3f0566532ffe
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:13 GMT
via
1.1 google
last-modified
Tue, 21 Nov 2023 03:53:50 GMT
etag
W/"ad0d8-18bf0034cb0"
x-frame-options
DENY
vary
Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.feastogether.com.tw
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
708824
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9PQXQP3QD6&gtm=45je3b81v868535385&_p=1700618473624&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=317862661.1700618474&ul=en-us&sr=1600x1200&_s=1&sid=1700618473&sct=1&seg=0&dl=http%3A%2F%2Fwww.feastogether.com.tw%2F&dt=%E9%A5%97%E8%B3%93%E9%A4%90%E6%97%85%E8%A8%82%E4%BD%8D%E7%B3%BB%E7%B5%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1001
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9PQXQP3QD6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 02:01:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.feastogether.com.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getThemeColor
www.feastogether.com.tw/api/common/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/api/common/getThemeColor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
act,content-type,language-locale
Access-Control-Request-Method
POST
Origin
http://www.feastogether.com.tw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,act,Language-Locale
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.feastogether.com.tw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:16 GMT
vary
Origin
via
1.1 google
x-frame-options
DENY
getHeaderMenu
www.feastogether.com.tw/api/common/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/api/common/getHeaderMenu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
act,content-type,language-locale
Access-Control-Request-Method
POST
Origin
http://www.feastogether.com.tw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,act,Language-Locale
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.feastogether.com.tw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:16 GMT
vary
Origin
via
1.1 google
x-frame-options
DENY
getFooter
www.feastogether.com.tw/api/common/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/api/common/getFooter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
act,content-type,language-locale
Access-Control-Request-Method
POST
Origin
http://www.feastogether.com.tw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,act,Language-Locale
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.feastogether.com.tw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:16 GMT
vary
Origin
via
1.1 google
x-frame-options
DENY
getBanner
www.feastogether.com.tw/api/common/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/api/common/getBanner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
act,content-type,language-locale
Access-Control-Request-Method
POST
Origin
http://www.feastogether.com.tw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,act,Language-Locale
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.feastogether.com.tw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:16 GMT
vary
Origin
via
1.1 google
x-frame-options
DENY
getLobbyData
www.feastogether.com.tw/api/booking/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/api/booking/getLobbyData
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
act,content-type,language-locale
Access-Control-Request-Method
GET
Origin
http://www.feastogether.com.tw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,act,Language-Locale
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.feastogether.com.tw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:16 GMT
vary
Origin
via
1.1 google
x-frame-options
DENY
checkIsUserTokenExisted
www.feastogether.com.tw/api/994f5388-d001-4ca4-a7b1-72750d4211cf/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.feastogether.com.tw/api/994f5388-d001-4ca4-a7b1-72750d4211cf/checkIsUserTokenExisted
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
act,content-type,language-locale
Access-Control-Request-Method
POST
Origin
http://www.feastogether.com.tw
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,act,Language-Locale
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.feastogether.com.tw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:16 GMT
vary
Origin
via
1.1 google
x-frame-options
DENY
getThemeColor
www.feastogether.com.tw/api/common/ 		0
0
getHeaderMenu
www.feastogether.com.tw/api/common/ 		0
0
getFooter
www.feastogether.com.tw/api/common/ 		0
0
getBanner
www.feastogether.com.tw/api/common/ 		0
0
getLobbyData
www.feastogether.com.tw/api/booking/ 		0
0
checkIsUserTokenExisted
www.feastogether.com.tw/api/994f5388-d001-4ca4-a7b1-72750d4211cf/ 		0
0
-nF7OG829Oofr2wohFbTp9i1OCEK.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9i1OCEK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Didact+Gothic&family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c06498a30c738b01e8b9bd63af7b835ef8a00c6443499c1f1a2d1389da8ad932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.feastogether.com.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:40:28 GMT
x-content-type-options
nosniff
age
440448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24952
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:28:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:40:28 GMT
XLY9IZb5bJNDGYxLBibeHZ0BvssrXX5MTw.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrXX5MTw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Didact+Gothic&family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22da5f0a4d71e350caa293772de75f23c7670d2dd53b9517d693e3207c5e6d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.feastogether.com.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 00:22:20 GMT
x-content-type-options
nosniff
age
178736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24500
x-xss-protection
0
last-modified
Mon, 09 May 2022 20:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 00:22:20 GMT
logo_grey.png
storage.googleapis.com/stage_ieat_public/image/client/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/stage_ieat_public/image/client/logo/logo_grey.png
Requested by
Host: www.feastogether.com.tw
URL: http://www.feastogether.com.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bd9598d9613e49697b5c3947b16fd1130f2f1bb453bb348fab27d2b296b371c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 02:01:17 GMT
x-guploader-uploadid
ABPtcPrFCEJjEJt1mS9FzNYy3tJOHTIpBUo7OmnIaPy4Vw-Kx6Uiw6koIuP5maLm4NBQWBwkhEqdGJRRjQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1565
last-modified
Tue, 02 Aug 2022 03:56:55 GMT
server
UploadServer
etag
"08def06b1418f26e8ea18037b2fcd856"
x-goog-generation
1659412615673132
content-type
image/png
x-goog-hash
crc32c=ElOzxw==, md5=CN7waxQY8m6OoYA3svzYVg==
cache-control
public, max-age=3600
x-goog-stored-content-length
1565
accept-ranges
bytes
expires
Wed, 22 Nov 2023 03:01:17 GMT
logoWithText_brown.344ffb52.png
www.feastogether.com.tw/static/media/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.feastogether.com.tw/static/media/logoWithText_brown.344ffb52.png
Requested by
Host: www.feastogether.com.tw
URL: http://www.feastogether.com.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.129.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.129.107.34.bc.googleusercontent.com
Software
/
Resource Hash
1dcdeb882287f94674566d6b127622f37728c027672efd7a49d1a3edefa002e8
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
date
Wed, 22 Nov 2023 02:01:16 GMT
via
1.1 google
last-modified
Tue, 21 Nov 2023 03:53:50 GMT
etag
W/"3c3a-18bf0034cb0"
x-frame-options
DENY
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.feastogether.com.tw
cache-control
public, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15418
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Didact+Gothic&family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d1c673ab93e90b90035f39e95c2248f683c873b87fbd62fc710fd52beb83800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.feastogether.com.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 22:40:09 GMT
x-content-type-options
nosniff
age
12067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35752
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:31:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 22:40:09 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9PQXQP3QD6&gtm=45je3b81v868535385&_p=1700618473624&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=317862661.1700618474&ul=en-us&sr=1600x1200&_eu=AEA&_s=2&sid=1700618473&sct=1&seg=0&dl=http%3A%2F%2Fwww.feastogether.com.tw%2F&dt=%E9%A5%97%E8%B3%93%E9%A4%90%E6%97%85%E8%A8%82%E4%BD%8D%E7%B3%BB%E7%B5%B1&en=scroll&epn.percent_scrolled=90&_et=39&tfd=6044
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9PQXQP3QD6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.feastogether.com.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 02:01:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.feastogether.com.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.feastogether.com.tw
URL
https://www.feastogether.com.tw/api/common/getThemeColor
Domain
www.feastogether.com.tw
URL
https://www.feastogether.com.tw/api/common/getHeaderMenu
Domain
www.feastogether.com.tw
URL
https://www.feastogether.com.tw/api/common/getFooter
Domain
www.feastogether.com.tw
URL
https://www.feastogether.com.tw/api/common/getBanner
Domain
www.feastogether.com.tw
URL
https://www.feastogether.com.tw/api/booking/getLobbyData
Domain
www.feastogether.com.tw
URL
https://www.feastogether.com.tw/api/994f5388-d001-4ca4-a7b1-72750d4211cf/checkIsUserTokenExisted

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| webpackJsonpieat-front function| _

2 Cookies

Domain/Path Name / Value
.feastogether.com.tw/ Name: _ga
Value: GA1.1.317862661.1700618474
.feastogether.com.tw/ Name: _ga_9PQXQP3QD6
Value: GS1.1.1700618473.1.0.1700618473.0.0.0

12 Console Messages

Source Level URL
Text
javascript error URL: http://www.feastogether.com.tw/
Message:
Access to fetch at 'https://www.feastogether.com.tw/api/common/getHeaderMenu' from origin 'http://www.feastogether.com.tw' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.feastogether.com.tw' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.feastogether.com.tw/api/common/getHeaderMenu
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.feastogether.com.tw/
Message:
Access to fetch at 'https://www.feastogether.com.tw/api/common/getFooter' from origin 'http://www.feastogether.com.tw' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.feastogether.com.tw' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.feastogether.com.tw/api/common/getFooter
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.feastogether.com.tw/
Message:
Access to fetch at 'https://www.feastogether.com.tw/api/common/getBanner' from origin 'http://www.feastogether.com.tw' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.feastogether.com.tw' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.feastogether.com.tw/api/common/getBanner
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.feastogether.com.tw/
Message:
Access to fetch at 'https://www.feastogether.com.tw/api/994f5388-d001-4ca4-a7b1-72750d4211cf/checkIsUserTokenExisted' from origin 'http://www.feastogether.com.tw' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.feastogether.com.tw' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.feastogether.com.tw/api/994f5388-d001-4ca4-a7b1-72750d4211cf/checkIsUserTokenExisted
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.feastogether.com.tw/
Message:
Access to fetch at 'https://www.feastogether.com.tw/api/common/getThemeColor' from origin 'http://www.feastogether.com.tw' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.feastogether.com.tw' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.feastogether.com.tw/api/common/getThemeColor
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://www.feastogether.com.tw/
Message:
Access to fetch at 'https://www.feastogether.com.tw/api/booking/getLobbyData' from origin 'http://www.feastogether.com.tw' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.feastogether.com.tw' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.feastogether.com.tw/api/booking/getLobbyData
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';object-src 'none';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;base-uri 'none';connect-src 'self' https://storage.googleapis.com https: data:;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;img-src 'self' https://storage.googleapis.com data: https:;font-src https://fonts.gstatic.com data:;form-action https://www.focas.fisc.com.tw/FOCAS_WEBPOS/online https:;frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
X-Frame-Options DENY