urlscan.io logo urlscan.io
SecurityTrails logo

capacitor-poc.mfbinternal.co.nz Open in urlscan Pro
172.67.186.137  Public Scan

Go To Rescan Add Verdict Report
URL: https://capacitor-poc.mfbinternal.co.nz/
Submission: On May 07 via automatic, source certstream-suspicious — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 172.67.186.137, located in United States and belongs to CLOUDFLARENET, US. The main domain is capacitor-poc.mfbinternal.co.nz.
TLS certificate: Issued by E1 on April 20th 2024. Valid for: 3 months.
This is the only time capacitor-poc.mfbinternal.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 172.67.186.137 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
4 104.18.70.113 13335 (CLOUDFLAR...)
1 104.18.72.113 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
5 104.16.51.111 13335 (CLOUDFLAR...)
20 7
4    172.67.186.137 (United States)

ASN13335 (CLOUDFLARENET, US)
capacitor-poc.mfbinternal.co.nz
1    2404:6800:4006:812::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
1    2404:6800:4006:80a::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
myfoodbag1637217353.zendesk.com
Apex Domain
Subdomains		 Transfer
5 zendesk.com
myfoodbag1637217353.zendesk.com
2 KB
5 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2248
ekr.zdassets.com — Cisco Umbrella Rank: 2556
154 KB
4 mfbinternal.co.nz
capacitor-poc.mfbinternal.co.nz
152 KB
1 gstatic.com
fonts.gstatic.com
30 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
0 azurewebsites.net Failed
mfb-account-ae-test.azurewebsites.net Failed
20 6
Domain Requested by
5 myfoodbag1637217353.zendesk.com static.zdassets.com
4 static.zdassets.com capacitor-poc.mfbinternal.co.nz
static.zdassets.com
4 capacitor-poc.mfbinternal.co.nz capacitor-poc.mfbinternal.co.nz
1 fonts.gstatic.com fonts.googleapis.com
1 ekr.zdassets.com static.zdassets.com
1 fonts.googleapis.com capacitor-poc.mfbinternal.co.nz
0 mfb-account-ae-test.azurewebsites.net Failed capacitor-poc.mfbinternal.co.nz
20 7

This site contains no links.

Subject Issuer Validity Valid
mfbinternal.co.nz
E1		 2024-04-20 -
2024-07-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
zdassets.com
E1		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
myfoodbag1637217353.zendesk.com
Cloudflare Inc ECC CA-3		 2023-09-18 -
2024-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://capacitor-poc.mfbinternal.co.nz/
Frame ID: B5148C99541EE66820919778B63C5444
Requests: 11 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Frame ID: D4D7672C4F6DD11912E6FAFE2A183C51
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vite + React + TS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

80 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

339 kB
Transfer

989 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
capacitor-poc.mfbinternal.co.nz/ 		990 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://capacitor-poc.mfbinternal.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa2db80df7d41c4fffe1c006ea7cffe18448887094e0db1a80dd467616f041d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, must-revalidate, max-age=30
cf-cache-status
DYNAMIC
cf-ray
87fde52caee25d26-SYD
content-encoding
br
content-type
text/html
date
Tue, 07 May 2024 02:49:10 GMT
last-modified
Mon, 06 May 2024 23:41:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfmsQiWTdfazkDVz8yUH7gPe0t4Qkz5RrdYGWfqcqL5fcGxCPlmMN1FiDmFjlJTL89XGfLN22UtsVYmWQu8mmQEXlXKZgjsuA%2BUCHh7SW%2BhLV7sJKYwdAVimAp%2B8Sc69EP9xP6MhW5vbtu5i63plwjmK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=10886400; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200..1000;1,200..1000&display=swap
Requested by
Host: capacitor-poc.mfbinternal.co.nz
URL: https://capacitor-poc.mfbinternal.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d38cf48db41a250c7256cb7295f9b818bbd8cb75745c3a975174da27d021082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 May 2024 02:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 May 2024 02:09:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 May 2024 02:49:10 GMT
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=b36f948d-9dd6-4f1f-99d6-10d22cf73425
Requested by
Host: capacitor-poc.mfbinternal.co.nz
URL: https://capacitor-poc.mfbinternal.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:10 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
16EJPM9K30XP37FF
age
38
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Y5Xpepb9eRUxZKiWICLnKmqFHT1QM9k1AyOvWlzwwcDiJfdAyZRMlfsrKZieZfHOdI%2FayeJJLm65LwDF2b8DNPZgmjtWXlcJ82YTVAvSfR0GgNKCPD4MWEOZRWN0T%2BwOSV0Ce8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
87fde52e58ea1c56-AKL
access-control-allow-headers
*
index-Zxr5BtRV.js
capacitor-poc.mfbinternal.co.nz/assets/ 		457 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://capacitor-poc.mfbinternal.co.nz/assets/index-Zxr5BtRV.js
Requested by
Host: capacitor-poc.mfbinternal.co.nz
URL: https://capacitor-poc.mfbinternal.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961e8bf58c9f22d5ed5491e738ce134c9883a74c86b7b2cebdbb18319f4a97ab
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://capacitor-poc.mfbinternal.co.nz/
Origin
https://capacitor-poc.mfbinternal.co.nz
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:10 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 06 May 2024 23:41:00 GMT
server
cloudflare
etag
W/"00758340"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6PygJWz6KqiJ2n6z9o74YupU86y0ZwjdC2LGAF9%2Bxi2iXANrMKYyKWMqe%2BN%2BBlODdqA0dDQV3geN%2FRGCFFWUXFOM1yx1a6Vm6S4njtIdIP0JOnUqC4uaNYieAuIreqGph8b47czCr05kozD2JUx7WJW"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=14400, must-revalidate
cf-ray
87fde52df8a95d26-SYD
index-BzF7ATwa.css
capacitor-poc.mfbinternal.co.nz/assets/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://capacitor-poc.mfbinternal.co.nz/assets/index-BzF7ATwa.css
Requested by
Host: capacitor-poc.mfbinternal.co.nz
URL: https://capacitor-poc.mfbinternal.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da3dd6a1f7a194de6186eb3575cd7e70975a83a7844002223c981d94057d0e42
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://capacitor-poc.mfbinternal.co.nz/
Origin
https://capacitor-poc.mfbinternal.co.nz
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:10 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 06 May 2024 23:41:00 GMT
server
cloudflare
etag
W/"00758340"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7dyj935cU7FkIZOSI9UUvH%2FMKdY9y79iZ8zgC711cT4vvHIgAcbFEHRlnULnXC%2FPdNzzUab7th%2FEVo9VxbKOLgDhaho%2BeF2ugY7tQfgrcGb3JE69YB%2BJaJQj4jUrf8u%2FfHID2iE11HsVzZeXCmx5Yiu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=14400, must-revalidate
cf-ray
87fde52df8ad5d26-SYD
b36f948d-9dd6-4f1f-99d6-10d22cf73425
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/b36f948d-9dd6-4f1f-99d6-10d22cf73425
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b36f948d-9dd6-4f1f-99d6-10d22cf73425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b6b53b282b0f5ace0610cd6a1126dbbd90cbeb5a9b8d04ebe17c42baf8a85e4
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:10 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
23
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
87fde49aa8ef50aa-SEA, 87fde49aa8ef50aa-SEA
x-runtime
0.002801
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7b6b53b282b0f5ace0610cd6a1126dbb"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opY4gwEDxFdDas%2Fdg%2BrojK3BB0ON04OjnbOkMVh5BFWW2F8%2BCkYivP%2FiG%2FWnkuFalgLmNMbcH4xMJnW6YvWsEpFO%2Fp9HLZ64iYjswSqJk1lipjMksAjZOg7KsJbCT2alfao%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
87fde532587f1c59-AKL
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200..1000;1,200..1000&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://capacitor-poc.mfbinternal.co.nz
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 03:19:33 GMT
x-content-type-options
nosniff
age
343778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 May 2025 03:19:33 GMT
recipes
mfb-account-ae-test.azurewebsites.net/beta/ 		0
0
vite.svg
capacitor-poc.mfbinternal.co.nz/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://capacitor-poc.mfbinternal.co.nz/vite.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a748afd443918bb16591c834c401dae33e87861ab5dbad0811c3a3b4a9214fb
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://capacitor-poc.mfbinternal.co.nz/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:10 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 06 May 2024 23:41:00 GMT
server
cloudflare
etag
W/"00758340"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTHrf5rB2UU%2FBWeK7EeLp%2B%2BI5m3kjwvi4pByvH%2BL5Q63eWGSvpivCbyWL%2BIfMG2SyWJPCx07DFRz1uiaQwBlL9yGCMguSA%2Fk8c%2BJqvP3ko1x3dQl5XFO1pk61dVQ03sGfz3oqv%2Ft019dI3iJB6ZI3kP9"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, must-revalidate
cf-ray
87fde5325ee65d26-SYD
web-widget-main-7bc1c0f.js
static.zdassets.com/web_widget/messenger/latest/ Frame D4D7 		450 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b36f948d-9dd6-4f1f-99d6-10d22cf73425
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f4c7b47fe2151a74a693533fd52c91d78ec03203027ee9a1210baa9e915b5fa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:10 GMT
x-amz-version-id
FF8unFdBB4gI.67XhH2GhVTn74pudK_c
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DKWG1E69PV39MED6
age
363099
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
b4iFBmysrfVotSuHVYf858Tif60NDMsmlxIcV+9+imkbX/a3if2QgSpESGWXoHhfcj6Cw5wtguE=
last-modified
Mon, 08 Apr 2024 13:55:43 GMT
server
cloudflare
etag
W/"61166b9a0a776703db59d8fbffd8e621"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GAVu9%2FS1I8i4qHtYAUkxwaX3laUWEDLUih8t9yiUPEaDM%2B42usGMhpMHifxTPbM5DQDsw4gDlWcoSdegXehSIWYetWjRSmKJBcVchlt3kG3mtfW0LSO7K6R8hQTIRm6QKUjfkk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
87fde532dabb1c56-AKL
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:55:42 GMT
en-us-json-7bc1c0f.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame D4D7 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:11 GMT
x-amz-version-id
Pqq5depyzV0eh0laMyX._YPJQ2ernPin
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DKWKWY7EYSDTY0JC
age
382115
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
mbU811k/ke7iB1r45HmcMwHgvh8kN9E9sRl4eMG/0K2MLT+hcAipus8m0JeNgKrH4tO3MDO4Fpw=
last-modified
Mon, 08 Apr 2024 13:55:45 GMT
server
cloudflare
etag
W/"3ac3100c0ffed8d435c31e09d2196883"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czoSNywLa37u69HYDxHR6aFMR%2FaqdfrCcRa2aKWJcw8%2BVTJ3lr6vJU8KJl5DgYnz6bsE6aCDhUf4xDjDuezM%2BXB3DUuSdXCqB8Ql%2FYGZAv0Va%2FxQBNjUxh74BbVSTxILFqajoD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
87fde533fce81c56-AKL
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:55:44 GMT
pv
myfoodbag1637217353.zendesk.com/frontendevents/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://myfoodbag1637217353.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://capacitor-poc.mfbinternal.co.nz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
87fde534e91150c5-AKL
date
Tue, 07 May 2024 02:49:11 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLMoMhBpgFAM%2BYlSRxhuJO2eQGlfHfCd17kWm0tmPXyRwGi2MxIUCDuVZgN6DHDwaNj5YtXi69tG34H5ZUUKB%2F3251g3qev6XFv4IawJTOKoxA6Tdr1fcNiXgrucVYkrgiS2SqDbyYDSIo3yvh%2BLo1w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
87fde534e91150c5-AKL
x-zendesk-zorg
yes
web-widget-94119-7bc1c0f.js
static.zdassets.com/web_widget/messenger/latest/ Frame D4D7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-94119-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e49ed13a69f0bac8bb3f095f7ba58b2f8f5c46c18e0798addd5d4251b6c23b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:11 GMT
x-amz-version-id
xIaR3VmzjQRpo0rbjlQ32KNKeBoNM1B0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DKWKMDDY6K5MNVW3
age
366959
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
BhMlEvdeV0MYuC+RuWfpYdnkOaNFTuvgZuQyCym4vWFZSfry5t7f+JQZIEqmTNOV/Y5VhCS9C0o=
last-modified
Mon, 08 Apr 2024 13:55:43 GMT
server
cloudflare
etag
W/"a5155d1feb52d3bcb21f8afa94cd6c4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4UNDheY%2FejCrWSCOtydy7yo%2FT2Yd1Gcr7Aodg2CRsOnUif5duwSP6w8baausJHKr0WHf%2F8BdaZIiF7r90mBkXVNmIHRIGq5bf6GI22P97JbtaMHwWPvw8VEThEHru%2Fpjph%2FH3yM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
87fde5346dcd1c56-AKL
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:55:42 GMT
pv
myfoodbag1637217353.zendesk.com/frontendevents/ Frame D4D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://myfoodbag1637217353.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 May 2024 02:49:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOqbB3br8NOFVpe8HMVmV%2B1te2KX6qI%2F%2F9YfKYGvxxYS95JNikIrcGQ6Ph8F6yajC%2BHVTwojf7A1oXijQH%2FEB2iVSBrgQnEi3eyNsrWazVgqHO53253EIl%2BK0BRyJmqhdpUuVv8vg%2BqE%2Fqp4Vkd60L4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
87fde5366be550c5-AKL
content-length
0
x-request-id
87fde5366be550c5-AKL
config
myfoodbag1637217353.zendesk.com/embeddable/ Frame D4D7 		837 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://myfoodbag1637217353.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a782455092fa6ba2cf5b4ac43907e1bc926157021ad92fae1cbc7a3847c3a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23
x-zendesk-origin-server
embeddable-app-server-657f6ffbc5-c8n2f
x-cached
MISS
x-runtime
0.002648
last-modified
Tue, 07 May 2024 02:47:34 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPGlflhvPryUAuRszz85iABfYsyViWGeb1Fkl7MT27aO95hx2BF0Au6%2BNzAouzPVEX%2FDOAtNEAYOpFvzjrd406Sh35ALvKkWRv7N3mzVqqGBGVJuGGkshgjVSgZSBX%2FOlJ5okRr6vKr%2FgEnwPNAoDco%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
87fde534e90e50c5-AKL
619d5422efe8d500eb2132b5
myfoodbag1637217353.zendesk.com/embeddable/campaigns/ Frame D4D7 		437 B
693 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://myfoodbag1637217353.zendesk.com/embeddable/campaigns/619d5422efe8d500eb2132b5
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e06b00559c13c23baf676925ad44a1b9e7f4b35b1f6dd2bd4aacf45a8ab4be9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 02:49:11 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-657f6ffbc5-vrrq9
x-cached
MISS
x-runtime
0.001597
last-modified
Tue, 07 May 2024 02:49:11 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sCZmyLLnS6WCEG79LqznE9ivFGCp%2FlWjbpOPs5agQDMmY2QgsG8HVqhK0mvCg99HqesURnrZKj%2FKxK4QgMtskqrrx1TEg%2FwC2Pgd%2BHzzVJAa4DnHBgrNjtBC3cZBRalXC%2BH8mgX5iA0BYwpHUoL62dc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=15, public, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
87fde534e91b50c5-AKL
recipes
mfb-account-ae-test.azurewebsites.net/beta/ 		0
0
recipes
mfb-account-ae-test.azurewebsites.net/beta/ 		0
0
proactive_message
myfoodbag1637217353.zendesk.com/api/v2/cts/ Frame D4D7 		0
0
proactive_message
myfoodbag1637217353.zendesk.com/api/v2/cts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://myfoodbag1637217353.zendesk.com/api/v2/cts/proactive_message
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://capacitor-poc.mfbinternal.co.nz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://capacitor-poc.mfbinternal.co.nz
cf-cache-status
DYNAMIC
cf-ray
87fde549ac7c50c5-AKL
date
Tue, 07 May 2024 02:49:14 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1p6cTHPMjmxwhEpZuFbpyEPvd0iIk1KCWRZpZQcqFgil5P3HZGbdQRb5IPSqmSjrpFS63mx690wCaLqpIGs%2F46CJgQOhTqmWc67kz%2Fs5RF25ghbpgyN6FyaxR4A3Z9DLYsJv8%2Bxd1sB%2FeUJ06naqwOk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
access-control-request-headers
x-request-id
87fde549ac7c50c5-AKL
x-zendesk-zorg
yes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mfb-account-ae-test.azurewebsites.net
URL
https://mfb-account-ae-test.azurewebsites.net/beta/recipes
Domain
mfb-account-ae-test.azurewebsites.net
URL
https://mfb-account-ae-test.azurewebsites.net/beta/recipes
Domain
mfb-account-ae-test.azurewebsites.net
URL
https://mfb-account-ae-test.azurewebsites.net/beta/recipes
Domain
myfoodbag1637217353.zendesk.com
URL
https://myfoodbag1637217353.zendesk.com/api/v2/cts/proactive_message

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| zEWebpackACJsonp function| zE function| zEmbed string| __reactRouterVersion object| CapacitorPlatforms object| Capacitor boolean| zEACLoaded

0 Cookies

6 Console Messages

Source Level URL
Text
javascript error URL: https://capacitor-poc.mfbinternal.co.nz/
Message:
Access to fetch at 'https://mfb-account-ae-test.azurewebsites.net/beta/recipes' from origin 'https://capacitor-poc.mfbinternal.co.nz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://mfb-account-ae-test.azurewebsites.net/beta/recipes
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://capacitor-poc.mfbinternal.co.nz/
Message:
Access to fetch at 'https://mfb-account-ae-test.azurewebsites.net/beta/recipes' from origin 'https://capacitor-poc.mfbinternal.co.nz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://mfb-account-ae-test.azurewebsites.net/beta/recipes
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://capacitor-poc.mfbinternal.co.nz/
Message:
Access to fetch at 'https://mfb-account-ae-test.azurewebsites.net/beta/recipes' from origin 'https://capacitor-poc.mfbinternal.co.nz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://mfb-account-ae-test.azurewebsites.net/beta/recipes
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block