pr-account-87.myfoodbag.co.nz Open in urlscan Pro
20.99.157.72  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

• https://myfoodbagauthtest.b2clogin.com/6f76fc16-5b7f-4ffb-a6eb-912d0cea1ac8/b2c_1a_signin/oauth2/v2.0/authorize?client_id=63bd288c-f23f-43f7-bbc1-5c9e9984b62a&redirect_uri=https%3A%2F%2Fpr-account-87.myfoodbag.co.nz%2Fmy-account%2Fredirect%2FnoPrompt&response_type=id_token%20token&scope=openid%20profile%20https%3A%2F%2Fmyfoodbagauthtest.onmicrosoft.com%2Fe8d3c024-5f38-4ec7-afb3-b23b8f69308c%2FMFB-AccountAPI%20https%3A%2F%2Fmyfoodbagauthtest.onmicrosoft.com%2Fe8d3c024-5f38-4ec7-afb3-b23b8f69308c%2FMFB-OrderFormAPI&state=bb235e57acb14f97833aa37898c1bf91&nonce=206d89b32e80489e84ba3653fdea737a&prompt=none HTTP 302
• https://pr-account-8008.myfoodbag.co.nz/

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response pr-account-87.myfoodbag.co.nz/	116 KB 49 KB	1116ms 393ms	Document text/html	20.99.157.72 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pr-account-87.myfoodbag.co.nz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.99.157.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1cde19eb894e4502911b1de0f146ec6e342e6ab51d5dbdef449b435d145b13b6 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers cache-control public, must-revalidate, max-age=30 content-encoding br content-type text/html date Tue, 18 Jul 2023 02:27:25 GMT etag "43833821" last-modified Tue, 18 Jul 2023 02:24:46 GMT referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 1; mode=block
GET H2	200	style.min.css mfbstatic.azureedge.net/style/fresh-start/02839eb28e8d496dfa518ce1b61e214a/	228 KB 45 KB	1882ms 336ms	Stylesheet text/css	2600:1413:b000:1e::17d1:2e61 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mfbstatic.azureedge.net/style/fresh-start/02839eb28e8d496dfa518ce1b61e214a/style.min.css Requested by Host: pr-account-87.myfoodbag.co.nz URL: https://pr-account-87.myfoodbag.co.nz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1413:b000:1e::17d1:2e61 , Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash fed729d59641d97e458f9f70e454f9de0f8a5ffb058d931404025f721facd171 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 18 Jul 2023 02:27:27 GMT content-encoding gzip content-length 45137 x-ms-lease-state available x-ms-lease-status unlocked last-modified Fri, 07 Jul 2023 09:54:53 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DB7ED036498C10" vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id b11c226a-f01e-0039-1fbf-b840c3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31494963 x-ms-version 2014-02-14 accept-ranges bytes
GET H2	200	main.eadcf00c.js Show response pr-account-87.myfoodbag.co.nz/static/js/	4 MB 958 KB	599ms 599ms	Script text/javascript	20.99.157.72 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pr-account-87.myfoodbag.co.nz/static/js/main.eadcf00c.js Requested by Host: pr-account-87.myfoodbag.co.nz URL: https://pr-account-87.myfoodbag.co.nz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.99.157.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8c5daac0ecfba9327f4231b833d9808762674df3c6aa0dd60c956b609a1d56da Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-NZ,en;q=0.9 Referer https://pr-account-87.myfoodbag.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 18 Jul 2023 02:27:26 GMT content-encoding br referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload last-modified Tue, 18 Jul 2023 02:24:46 GMT x-content-type-options nosniff etag "43833821" vary Accept-Encoding x-dns-prefetch-control off content-type text/javascript cache-control public, must-revalidate, max-age=30 x-xss-protection 1; mode=block
GET H2	200	main.88ac67ff.css pr-account-87.myfoodbag.co.nz/static/css/	40 KB 5 KB	598ms 598ms	Stylesheet text/css	20.99.157.72 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pr-account-87.myfoodbag.co.nz/static/css/main.88ac67ff.css Requested by Host: pr-account-87.myfoodbag.co.nz URL: https://pr-account-87.myfoodbag.co.nz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.99.157.72 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 003d654535f8383c7af53e5be656211e54ad09243080b1dde1553d3a0e0d64ee Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-NZ,en;q=0.9 Referer https://pr-account-87.myfoodbag.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 18 Jul 2023 02:27:26 GMT content-encoding br referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload last-modified Tue, 18 Jul 2023 02:24:46 GMT x-content-type-options nosniff etag "43833821" vary Accept-Encoding x-dns-prefetch-control off content-type text/css cache-control public, must-revalidate, max-age=30 x-xss-protection 1; mode=block
GET H2	200	raven.min.js Show response cdnjs.cloudflare.com/ajax/libs/raven.js/raven-js@3.26.4/	37 KB 13 KB	368ms 128ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/raven.js/raven-js@3.26.4/raven.min.js Requested by Host: pr-account-87.myfoodbag.co.nz URL: https://pr-account-87.myfoodbag.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2e166c267f5718c1b95131d0400700d6d7a7fc3229b8f193403071f5c4f7b22 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://pr-account-87.myfoodbag.co.nz accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 18 Jul 2023 02:27:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2183133 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 12142 last-modified Mon, 04 May 2020 16:15:49 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fb5-92e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIy1Uns2DjPX7wjCgtF12OER%2B5VfxLB%2FEqOBaVKBcSsbPjrhYDfMRzBySpoEm%2FrGnTlfhTeWcAxc%2FYQDVHyIVpcGILcJZH6Yj1p7MI3fm7sU%2FgVIWvkyn60CgKIJfAfbZwn0sA2M9JDpB9JQkpQCSS9Q"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7e87491ce936fb88-AKL expires Sun, 07 Jul 2024 02:27:26 GMT
GET H2	200	3392ce hello.myfonts.net/count/	0 354 B	388ms 141ms	Stylesheet text/css	2606:4700::6811:f449 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hello.myfonts.net/count/3392ce Requested by Host: mfbstatic.azureedge.net URL: https://mfbstatic.azureedge.net/style/fresh-start/02839eb28e8d496dfa518ce1b61e214a/style.min.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 18 Jul 2023 02:27:28 GMT server cloudflare age 1 expect-ct null vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes cf-ray 7e874925dcce1c5a-AKL content-length 0 expires Wed, 17 Jul 2024 02:27:28 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	220 KB 77 KB	713ms 244ms	Script application/javascript	2404:6800:4003:c1c::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P5Z2HFG Requested by Host: pr-account-87.myfoodbag.co.nz URL: https://pr-account-87.myfoodbag.co.nz/static/js/main.eadcf00c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::61 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 63cfe12770b4de4ad3b409c565769c477d75059118a448e3ec4f86b39aced91c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 18 Jul 2023 02:27:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78737 x-xss-protection 0 last-modified Tue, 18 Jul 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 18 Jul 2023 02:27:29 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	1047ms 349ms	Script application/x-javascript	2a03:2880:f04e:f:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: pr-account-87.myfoodbag.co.nz URL: https://pr-account-87.myfoodbag.co.nz/static/js/main.eadcf00c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f04e:f:face:b00c:0:3 Osaka, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c9cb9470fd25d1b119cb391639303a5a343cd74ef015cfb041537d5324e79d6e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 18 Jul 2023 02:27:29 GMT content-md5 aCR1piYULaLNzoM01o4s1A== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1688 x-fb-debug 1h3U5+cuob6Glsl0OscwijcXPesgw4szhbxw2WVQSFb2A/uSFfVxFyfp1IO1b0DioWhEDVZCE1v46fYpJemP8g== x-fb-content-md5 73a21406376df36dd8b6338ac4309252 cross-origin-opener-policy same-origin-allow-popups etag "a63d27c5bbbbdda0ac406020a326ea8f" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Tue, 18 Jul 2023 02:30:14 GMT
GET H/1.1	200 OK	openid-configuration myfoodbagauthtest.b2clogin.com/6f76fc16-5b7f-4ffb-a6eb-912d0cea1ac8/B2C_1A_Signin/v2.0/.well-known/	1 KB 2 KB	1640ms 797ms	XHR application/json	2603:1036:3000:e8::4 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myfoodbagauthtest.b2clogin.com/6f76fc16-5b7f-4ffb-a6eb-912d0cea1ac8/B2C_1A_Signin/v2.0/.well-known/openid-configuration Requested by Host: pr-account-87.myfoodbag.co.nz URL: https://pr-account-87.myfoodbag.co.nz/static/js/main.eadcf00c.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2603:1036:3000:e8::4 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Tue, 18 Jul 2023 02:27:29 GMT X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, OPTIONS Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://pr-account-87.myfoodbag.co.nz Public OPTIONS,TRACE,GET,HEAD,POST Cache-Control no-store, must-revalidate, no-cache Allow OPTIONS, TRACE, GET, HEAD, POST x-ms-gateway-requestid e0ff8e91-e08b-4398-8ccd-87212db91141 Content-Length 1442 X-XSS-Protection 1; mode=block
GET H3	200	sdk.js connect.facebook.net/en_US/	301 KB 85 KB	691ms 345ms	Script application/x-javascript	2a03:2880:f04e:f:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=05fa343c25e0e9b513260d9515896f0b Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f04e:f:face:b00c:0:3 Osaka, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer Origin https://pr-account-87.myfoodbag.co.nz accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 18 Jul 2023 02:27:30 GMT content-md5 CnmVFG4hozrAqLpMQb1KOw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87273 x-fb-debug NWkMpbtvceJXGIlwKsQJ+JQkhNc4fkNTPK0nUllPsKnzJEUiX/kf7PaBpoablbr4rcgVThk6T5f7r0V5mbj3CA== x-fb-content-md5 acf1f26eb9c053e3aefac06a1305b137 cross-origin-opener-policy same-origin-allow-popups etag "e39b3237e3583f3a67d43c1012c01546" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * priority u=3,i expires Wed, 17 Jul 2024 01:53:34 GMT
GET H2	200	optimize.js www.google-analytics.com/gtm/	121 KB 47 KB	935ms 466ms	Script application/javascript	2404:6800:4003:c11::66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/optimize.js?id=GTM-NT239LM Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5Z2HFG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 18 Jul 2023 02:27:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48222 x-xss-protection 0 last-modified Tue, 18 Jul 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 18 Jul 2023 02:27:30 GMT
GET H2	200	analytics.js www.google-analytics.com/	52 KB 21 KB	701ms 234ms	Script text/javascript	2404:6800:4003:c11::66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5Z2HFG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 18 Jul 2023 02:22:40 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 290 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 18 Jul 2023 04:22:40 GMT
GET		/ pr-account-8008.myfoodbag.co.nz/ Redirect Chain https://myfoodbagauthtest.b2clogin.com/6f76fc16-5b7f-4ffb-a6eb-912d0cea1ac8/b2c_1a_signin/oauth2/v2.0/authorize?client_id=63bd288c-f23f-43f7-bbc1-5c9e9984b62a&redirect_uri=https%3A%2F%2Fpr-account-... https://pr-account-8008.myfoodbag.co.nz/	0 0
GET H2	200	/ www.facebook.com/tr/	0 185 B	1063ms 354ms	Image text/plain	2a03:2880:f14e:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2141658926059124&ev=fb_page_view&dl=https%3A%2F%2Fpr-account-87.myfoodbag.co.nz%2F&rl=&if=false&ts=1689647250750&sw=1600&sh=1200&at= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f14e:82:face:b00c:0:25de Osaka, Japan, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 18 Jul 2023 02:27:31 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	200	collect www.google-analytics.com/j/	4 B 192 B	235ms 234ms	XHR text/plain	2404:6800:4003:c11::66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1505404261&t=pageview&_s=1&dl=https%3A%2F%2Fpr-account-87.myfoodbag.co.nz%2F&ul=en-us&de=UTF-8&dt=Your%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAACAAI~&jid=92378017&gjid=2003915350&cid=1796478922.1689647251&tid=UA-38944002-3&_gid=7846520.1689647251&_r=1&_slc=1&gtm=45He37c0n81P5Z2HFG&z=1151717340 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c11::66 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 18 Jul 2023 02:27:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pr-account-87.myfoodbag.co.nz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	a www.googletagmanager.com/	0 59 B	235ms 235ms	Image text/html	2404:6800:4003:c1c::61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-NT239LM&cv=16&t=ol&p=gtmo&l=2402&q=3718&f=1171&e=5&i=8&d=2392&c=2388&hc=0&sr=0.050000&ps=0.012984072121764889&cb=962285928 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::61 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 18 Jul 2023 02:27:31 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
POST H2	200	collect stats.g.doubleclick.net/j/	7 B 362 B	701ms 233ms	XHR text/plain	2404:6800:4003:c0f::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-38944002-3&cid=1796478922.1689647251&jid=92378017&gjid=2003915350&_gid=7846520.1689647251&_u=aEBAAEAAQAAAACAAI~&z=1550733149 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c0f::9a , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 18 Jul 2023 02:27:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pr-account-87.myfoodbag.co.nz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		ga-audiences www.google.com/ads/	0 0
GET		ga-audiences www.google.co.nz/ads/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pr-account-8008.myfoodbag.co.nz

URL

https://pr-account-8008.myfoodbag.co.nz/

Domain

www.google.com

URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38944002-3&cid=1796478922.1689647251&jid=92378017&_u=aEBAAEAAQAAAACAAI~&z=1366448372

Domain

www.google.co.nz

URL

https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-38944002-3&cid=1796478922.1689647251&jid=92378017&_u=aEBAAEAAQAAAACAAI~&z=1366448372

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.myfonts.net/	1970-01-20 13:20:49	Name: __cf_bm Value: LdPqBLOh3cAWIuEOFXQZHhrfMpxC015KIJixS9Vq3wQ-1689647248-0-Aa+v2cXRFCZc3LGKDAK23UCW7oxX7feyRizfc0H5Xha+ukQl/Cqn8yS8PZAzhdCm1Er9QLc9uvVodVRsgbMMTw4=
			.myfoodbag.co.nz/	1970-01-20 22:56:47	Name: _ga Value: GA1.3.1796478922.1689647251
			.myfoodbag.co.nz/	1970-01-20 13:22:13	Name: _gid Value: GA1.3.7846520.1689647251
			.myfoodbag.co.nz/	1970-01-20 13:20:47	Name: _gat_UA-38944002-3 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
hello.myfonts.net
mfbstatic.azureedge.net
myfoodbagauthtest.b2clogin.com
pr-account-8008.myfoodbag.co.nz
pr-account-87.myfoodbag.co.nz
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
pr-account-8008.myfoodbag.co.nz
www.google.co.nz
www.google.com
20.99.157.72
2404:6800:4003:c0f::9a
2404:6800:4003:c11::66
2404:6800:4003:c1c::61
2600:1413:b000:1e::17d1:2e61
2603:1036:3000:e8::4
2606:4700::6811:180e
2606:4700::6811:f449
2a03:2880:f04e:f:face:b00c:0:3
2a03:2880:f14e:82:face:b00c:0:25de
003d654535f8383c7af53e5be656211e54ad09243080b1dde1553d3a0e0d64ee
1cde19eb894e4502911b1de0f146ec6e342e6ab51d5dbdef449b435d145b13b6
63cfe12770b4de4ad3b409c565769c477d75059118a448e3ec4f86b39aced91c
8c5daac0ecfba9327f4231b833d9808762674df3c6aa0dd60c956b609a1d56da
a2e166c267f5718c1b95131d0400700d6d7a7fc3229b8f193403071f5c4f7b22
c9cb9470fd25d1b119cb391639303a5a343cd74ef015cfb041537d5324e79d6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fed729d59641d97e458f9f70e454f9de0f8a5ffb058d931404025f721facd171