d1y41vhpk8ahn7.cloudfront.net Open in urlscan Pro
2600:9000:20ab:8800:4:45c7:f4c0:93a1  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

• https://js.squareup.com/v2/paymentform HTTP 301
• https://squareup.com/v2/paymentform

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response d1y41vhpk8ahn7.cloudfront.net/	2 KB 1 KB	556ms 442ms	Document text/html	2600:9000:20ab:8800:4:45c7:f4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:8800:4:45c7:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4019beb2db47d4619d15d1fe19fa7918a724e88026f5b9aeee57587406fafea7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control no-cache content-encoding gzip content-type text/html date Mon, 15 Jul 2024 12:44:25 GMT etag W/"261990a474688a3929d797795ee9b1e8" last-modified Thu, 09 Feb 2023 23:04:41 GMT server AmazonS3 vary Accept-Encoding via 1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront) x-amz-cf-id dbFPhIOrGoOor6LQQN_muFa5TcencYGD-Nnav28Kn_ZPHv3VnIoqmg== x-amz-cf-pop AMS58-P3 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront
GET H2	200	runtime.9b652aacf40ffef8f3db.js Show response d1y41vhpk8ahn7.cloudfront.net/static/js/	5 KB 3 KB	211ms 204ms	Script application/javascript	2600:9000:20ab:8800:4:45c7:f4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1y41vhpk8ahn7.cloudfront.net/static/js/runtime.9b652aacf40ffef8f3db.js Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:8800:4:45c7:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6a3cc07650ff8ab071d7ff8b7dd0c1fb3c57b1b8ddbfde5df31ca17bb6b34fc5 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:25 GMT content-encoding gzip via 1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 23:04:42 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 etag W/"0199b03390b2fde2a02f81f728f2adc3" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id e9UUztjuZ4mrOCVMRQ7X4tGUy_fhnys4MQ39Xr1qa6-__18fhk54Gg==
GET H2	200	vendors.d96de1db81c09d4da48f.chunk.js Show response d1y41vhpk8ahn7.cloudfront.net/static/js/	2 MB 564 KB	502ms 495ms	Script application/javascript	2600:9000:20ab:8800:4:45c7:f4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1y41vhpk8ahn7.cloudfront.net/static/js/vendors.d96de1db81c09d4da48f.chunk.js Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:8800:4:45c7:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 67d47cbb1632d118490218a8023dfc2d563befd10c3d35af6fcd6f7241fe0c35 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:26 GMT content-encoding gzip via 1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 23:04:42 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 etag W/"424f5179d712f73ed04dfb912f570c05" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id 9dNSdC04kJjvkwVzwhRWmyGhi4rpOw5j8UEuc5M6JpkxOWniRqXW4w==
GET H2	200	main.cfd9e46c28959f72f2f1.chunk.js Show response d1y41vhpk8ahn7.cloudfront.net/static/js/	714 KB 151 KB	454ms 452ms	Script application/javascript	2600:9000:20ab:8800:4:45c7:f4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1y41vhpk8ahn7.cloudfront.net/static/js/main.cfd9e46c28959f72f2f1.chunk.js Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:8800:4:45c7:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b434b49bc20b81de103725f584388bceafec15a9d5e3c396086c7995a1c8eb68 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:27 GMT content-encoding gzip via 1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 23:04:42 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 etag W/"8f54d361d3b08d5d01b94fd6615fe56e" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id Odq-2dj9txw_2SwJXryhr1pBDQPqEdWBKrVfXX3IWkg8-rVjRXXDDg==
GET H2	200	vendors.5211c192.chunk.css d1y41vhpk8ahn7.cloudfront.net/static/css/	212 KB 36 KB	504ms 497ms	Stylesheet text/css	2600:9000:20ab:8800:4:45c7:f4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1y41vhpk8ahn7.cloudfront.net/static/css/vendors.5211c192.chunk.css Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:8800:4:45c7:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b1be432f1084c7e1709b316aa62e0865cf6c41c5370032594d4b77a89c64f89e Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:26 GMT content-encoding gzip via 1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 23:04:42 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 etag W/"74f8878f005120c38a1cdda831fbf71a" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/css cache-control no-cache x-amz-cf-id j897OzI119EPnf-BwIEdLavWrN4_Ev5mRTn1u78CC9gyKGcvLI1MiA==
GET H2	200	main.8f123696.chunk.css d1y41vhpk8ahn7.cloudfront.net/static/css/	106 KB 21 KB	504ms 497ms	Stylesheet text/css	2600:9000:20ab:8800:4:45c7:f4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1y41vhpk8ahn7.cloudfront.net/static/css/main.8f123696.chunk.css Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:8800:4:45c7:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5cf8b7d326336d33658f8d85892161bff4eca06a5f2b27584028e8b5c3b05beb Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:26 GMT content-encoding gzip via 1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 23:04:42 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 etag W/"2cc9c20c3719f2c56a87c1e2b5f7aa53" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/css cache-control no-cache x-amz-cf-id 8_D11VpmLkIl0gKxwPnXaxS95jbDamRri6_jixXKm4rqqy7DRJx3YQ==
GET H2	200	/ Show response js.stripe.com/v3/	622 KB 151 KB	204ms 44ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 3166eecdcbf2e0e9c156c45526150bc3b181462cf76777fcff39c0829eda4959 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Mon, 15 Jul 2024 12:44:25 GMT via 1.1 varnish age 47 x-cache HIT content-length 154550 x-request-id a2c29384-5529-49f7-839b-2c0f8fa7816a x-served-by cache-fra-etou8220072-FRA last-modified Fri, 12 Jul 2024 20:36:37 GMT server Fastly etag "8d70d579ba2b8df39256290c4ac00be8" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 4
GET H2	200	theme.css assets.lunchbox.io/roastersntoasters/catering/css/	403 B 806 B	707ms 543ms	Stylesheet text/css	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.lunchbox.io/roastersntoasters/catering/css/theme.css Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 30e23a8e9224248536f6a36c6e82028c8c4f88d6a354519722ca0eef3bcee8c0 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:26 GMT x-amz-version-id MU4Ak0LjvXi5iOq4Hs0pEGavR.d96AkO via 1.1 6b15d1c60d9f387a4132de8eb9595b1e.cloudfront.net (CloudFront) last-modified Tue, 14 Dec 2021 18:46:05 GMT server AmazonS3 x-amz-cf-pop MUC50-P6 etag "44f457bc5ab59f4e63ec209b64554930" x-cache Miss from cloudfront content-type text/css x-amz-meta-version-id btdn98qSMqHvKmSsDbY.8vN8aKsqXZQW accept-ranges bytes content-length 403 x-amz-cf-id YacZKokYzVgursOy5rJN3yj_SYSCUVeAqsdpLgqqfZsmtz5wz9OugQ==
GET		paymentform squareup.com/v2/ Redirect Chain https://js.squareup.com/v2/paymentform https://squareup.com/v2/paymentform	0 0
GET H/1.1	200 OK	appleid.auth.js Show response appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/	42 KB 17 KB	335ms 48ms	Script application/javascript	23.196.235.139 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.196.235.139 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-196-235-139.deploy.static.akamaitechnologies.com Software Apple / Resource Hash 8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Mon, 15 Jul 2024 12:44:25 GMT Last-Modified Wed, 10 Jul 2024 18:21:15 GMT Server Apple ETag W/"43171-1720635675914" Vary accept-encoding Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400,stale-while-revalidate=86400 Connection keep-alive Accept-Ranges bytes Content-Length 17356
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	147ms 47ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 15 Jul 2024 11:41:01 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3805 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 15 Jul 2024 13:41:01 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	223 KB 60 KB	147ms 54ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 15 Jul 2024 12:44:26 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58653 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug mcX5Rx2BAIQBG9l/UPAY0IrJzQ5mvk+fi0rMtGNgAO6k1+rbvNYc4egUoBhigWoqrr1ibDILY3LgL9mM2mG0SA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	/ Show response o360216.ingest.sentry.io/api/5214227/envelope/	2 B 299 B	211ms 45ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o360216.ingest.sentry.io/api/5214227/envelope/?sentry_key=8a330049279f4f76a68c8642a51d27ee&sentry_version=7 Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/static/js/vendors.d96de1db81c09d4da48f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 15 Jul 2024 12:44:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame 31D1	0 0	199ms 73ms	Document text/html	18.65.39.126 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.126 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-126.ams1.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 2259 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 15 Jul 2024 12:06:49 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Fri, 05 Jul 2024 17:12:02 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 447163709b16a97083db09f6ac040b38.cloudfront.net (CloudFront) x-amz-cf-id zuPufQA8V6H059jzDH6e7okrGGM6S5RmKJ8mLAQdHqDJnP0eWb5pWg== x-amz-cf-pop AMS1-P1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	theme-production.json Show response assets.lunchbox.io/roastersntoasters/catering/	41 KB 4 KB	653ms 538ms	XHR application/json	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.lunchbox.io/roastersntoasters/catering/theme-production.json Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/static/js/vendors.d96de1db81c09d4da48f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e20e1e1cdae6d7e280af2ffb8d1f28567388c089a707b67ec0706a43a34b5299 Request headers Accept application/json, text/plain, */* Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:28 GMT x-amz-version-id _7cSdmUENBI5yZ0RNjgadAUyre6Oa4CS content-encoding gzip via 1.1 2c313927575349c92f098e6f1111a7ce.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Thu, 09 Feb 2023 23:04:40 GMT server AmazonS3 etag W/"0cac007323c2f489db98174141206c00" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id MhBa2Q1h25lbOA1lT1JVAqZLCaxY6w8-koOApMGPr_-UFekBODwgTQ==
GET		patron patron.lunchbox.io/v0/	0 0
OPTIONS H2	403	patron patron.lunchbox.io/v0/ Frame	0 0	203ms 57ms	Preflight text/html	2606:4700:4400::ac40:906e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://patron.lunchbox.io/v0/patron Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:906e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers client,os,sessionid,version Access-Control-Request-Method GET Origin https://d1y41vhpk8ahn7.cloudfront.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control max-age=15 cf-ray 8a39d80e8a496ae2-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 15 Jul 2024 12:44:27 GMT expires Mon, 15 Jul 2024 12:44:42 GMT referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	7.d2455e32.chunk.css d1y41vhpk8ahn7.cloudfront.net/static/css/	2 KB 1 KB	481ms 445ms	Stylesheet text/css	2600:9000:20ab:8800:4:45c7:f4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1y41vhpk8ahn7.cloudfront.net/static/css/7.d2455e32.chunk.css Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/static/js/runtime.9b652aacf40ffef8f3db.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:8800:4:45c7:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash df6d18d2267435f35a8e6455d24e00eb093e8ed094afaf711d8b16300816945e Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:28 GMT content-encoding gzip via 1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 23:04:42 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 etag W/"a4c22ec49a887d8d440fc51b8e06661e" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/css cache-control no-cache x-amz-cf-id yHXhF2goBPJFuWH0Ezjnjd05cR-XYszxJ9xwm8QvY7KNw3hXf4RBmw==
GET H2	200	7.66f0813e1545c54a8129.chunk.js Show response d1y41vhpk8ahn7.cloudfront.net/static/js/	2 KB 1 KB	480ms 445ms	Script application/javascript	2600:9000:20ab:8800:4:45c7:f4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1y41vhpk8ahn7.cloudfront.net/static/js/7.66f0813e1545c54a8129.chunk.js Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/static/js/runtime.9b652aacf40ffef8f3db.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:8800:4:45c7:f4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5216b9d772565e7c7e33e5d4641db8ad8778f7b035320aa97f2dbc0f0ab47385 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:28 GMT content-encoding gzip via 1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront) last-modified Thu, 09 Feb 2023 23:04:42 GMT server AmazonS3 x-amz-cf-pop AMS58-P3 etag W/"fc3b356ba04982bce7d41fc2eb48c52d" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control no-cache x-amz-cf-id QnxuaipDmgZ179grVuQLtoSU_C_vjYBkxuvoAh-UdyiGnw5E7Uj5Rg==
GET H2	200	art_logo.svg assets.lunchbox.io/roastersntoasters/images/	77 KB 32 KB	552ms 517ms	Image image/svg+xml	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.lunchbox.io/roastersntoasters/images/art_logo.svg Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 73906739fae46b7e1881d2f639aab7e5781f57bdc1ed266b9f45dc56a8c230fa Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:28 GMT x-amz-version-id wfp3SY2nYyl6cmln4ZGbzCDzypWrvOc4 content-encoding gzip last-modified Tue, 23 Nov 2021 16:46:30 GMT server AmazonS3 via 1.1 6b15d1c60d9f387a4132de8eb9595b1e.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 etag W/"c031ea1463f9072378d8bdf60724da64" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml x-amz-cf-id wqsWHL-Uh6ukmcaNHPW2P2MoV1318XVfVDMELdEfM3UPHJst7pQb_A==
GET H2	200	icon_contact.svg assets.lunchbox.io/roastersntoasters/images/	23 KB 9 KB	508ms 473ms	Image image/svg+xml	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.lunchbox.io/roastersntoasters/images/icon_contact.svg Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 19d51ae0ff9896b08ca5401d52f4996db66403b0adc95c95803b798bafe0f0c2 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:28 GMT x-amz-version-id bwHE8MclRdy8OWrfZXt1LNJ3hhabmhg1 content-encoding gzip last-modified Mon, 13 Dec 2021 20:11:52 GMT server AmazonS3 via 1.1 6b15d1c60d9f387a4132de8eb9595b1e.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 etag W/"6b51e47cfac67fa927c2352749778206" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml x-amz-cf-id sO0i2a0uZT1TAYGWtDKrEUVsciwiXLCuMcWNAuZtUQVZMdZb-mb01Q==
GET H2	200	icon_account.svg assets.lunchbox.io/roastersntoasters/images/	3 KB 2 KB	499ms 464ms	Image image/svg+xml	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.lunchbox.io/roastersntoasters/images/icon_account.svg Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf9959a2c07f6b02b27081eb6bff39aa0b1138b55ea9c51bdddad60e4a4a8508 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:28 GMT x-amz-version-id D3feblxRKFn8g9KoExiv5Qha1wbq4bxC content-encoding gzip last-modified Tue, 23 Nov 2021 16:46:32 GMT server AmazonS3 via 1.1 6b15d1c60d9f387a4132de8eb9595b1e.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 etag W/"259a92eaaeef77af5743a97545641dc2" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml x-amz-cf-id Do-zCE-peFYUPkv1GFcPvDrL0dj-9VFxoDdNv1ZCJIBYB5ExD0D0Rg==
GET		art_misc.png assets.lunchbox.io/roastersntoasters/images/	0 0
GET H2	200	art_background.png assets.lunchbox.io/roastersntoasters/images/	2 MB 2 MB	551ms 516ms	Image image/png	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.lunchbox.io/roastersntoasters/images/art_background.png Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ff7f3727cb2c87831ffb250878c7302c4f16e4046cc384ac439b32273619eaf3 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:28 GMT x-amz-version-id wjWoTfsdgNpMtQGjnQFaWovlHM8tK8GZ via 1.1 6b15d1c60d9f387a4132de8eb9595b1e.cloudfront.net (CloudFront) last-modified Thu, 17 Feb 2022 15:06:23 GMT server AmazonS3 x-amz-cf-pop MUC50-P6 etag "0636cc8a3d306808203ca0f19e677d17" x-cache Miss from cloudfront content-type image/png x-amz-meta-version-id E.LNzSq80EhHvzQzXAg7E8I0L8Qy8iRT accept-ranges bytes content-length 1634274 x-amz-cf-id ArjemNC8iaSPOCDOKBoYIGYP-_R15jzl7ADAZxe-kDfY7juorrmx_A==
GET H2	200	Gotham_Black.otf assets.lunchbox.io/roastersntoasters/catering/fonts/	30 KB 30 KB	503ms 499ms	Font application/x-font-otf	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.lunchbox.io/roastersntoasters/catering/fonts/Gotham_Black.otf Requested by Host: assets.lunchbox.io URL: https://assets.lunchbox.io/roastersntoasters/catering/css/theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0826047154e04ac9b85a0369e2654594aa3211ad757f604ac848071da8069786 Request headers Referer https://assets.lunchbox.io/roastersntoasters/catering/css/theme.css Origin https://d1y41vhpk8ahn7.cloudfront.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:28 GMT x-amz-version-id oumappU4lPkMtZde85qLtpwTJZk5qptb via 1.1 2c313927575349c92f098e6f1111a7ce.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 x-cache Miss from cloudfront content-length 30608 last-modified Tue, 14 Dec 2021 19:05:51 GMT server AmazonS3 etag "14b3a355f612d6181e891efd2c798b5f" access-control-max-age 3000 access-control-allow-methods GET content-type application/x-font-otf access-control-allow-origin * vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id 66sMaNwQYa0AFJnaTT7WzR1CDXfBvpjUQ-wJO2sT_GckqYpsOMZ2qA==
GET H2	200	s.js Show response cdn.sift.com/	62 KB 21 KB	228ms 41ms	Script application/javascript	34.96.67.224 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.sift.com/s.js Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/static/js/main.cfd9e46c28959f72f2f1.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 224.67.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash 10ec464febb7b92ed105d94da994f32989ff1d0795c0013460b5e2a7769934f2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 25 Jun 2024 03:41:37 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload age 1760570 x-guploader-uploadid ACJd0NpNhS-kreC9G--EEipHN_rEZU-cJwuSMFpCzxTDEHX2heGQkTUWTFUyF5ILPgz-Sno1r3Q x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20557 last-modified Mon, 18 Mar 2024 08:23:03 GMT server UploadServer etag "489c51cfaaabb9e46cdcd9805f9cb5e7" x-goog-generation 1710750183024543 x-goog-hash crc32c=asYZeQ==, md5=SJxRz6qrueRs3NmAX5y15w== access-control-allow-origin * access-control-expose-headers * cache-control no-transform x-goog-stored-content-length 20557 accept-ranges bytes content-type application/javascript expires Wed, 25 Jun 2025 03:41:37 GMT
GET		/ patron.lunchbox.io/v0/places/	0 0
POST		locations patron.lunchbox.io/v0/	0 0
GET		menus patron.lunchbox.io/v0/	0 0
OPTIONS H2	403	/ patron.lunchbox.io/v0/places/ Frame	0 0	51ms 50ms	Preflight text/html	2606:4700:4400::ac40:906e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://patron.lunchbox.io/v0/places/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:906e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers client,os,sessionid,version Access-Control-Request-Method GET Origin https://d1y41vhpk8ahn7.cloudfront.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control max-age=15 cf-ray 8a39d80f9bb56ae2-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 15 Jul 2024 12:44:27 GMT expires Mon, 15 Jul 2024 12:44:42 GMT referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
OPTIONS H2	403	locations patron.lunchbox.io/v0/ Frame	0 0	54ms 54ms	Preflight text/html	2606:4700:4400::ac40:906e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://patron.lunchbox.io/v0/locations Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:906e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers client,content-type,os,sessionid,version Access-Control-Request-Method POST Origin https://d1y41vhpk8ahn7.cloudfront.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control max-age=15 cf-ray 8a39d80f9bb66ae2-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 15 Jul 2024 12:44:27 GMT expires Mon, 15 Jul 2024 12:44:42 GMT referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
OPTIONS H2	403	menus patron.lunchbox.io/v0/ Frame	0 0	51ms 50ms	Preflight text/html	2606:4700:4400::ac40:906e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://patron.lunchbox.io/v0/menus?menuType=catering&orderType=pickup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:906e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept */* Access-Control-Request-Headers client,locationid,os,sessionid,version Access-Control-Request-Method GET Origin https://d1y41vhpk8ahn7.cloudfront.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control max-age=15 cf-ray 8a39d80f9bb96ae2-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 15 Jul 2024 12:44:27 GMT expires Mon, 15 Jul 2024 12:44:42 GMT referrer-policy same-origin server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
POST H2	200	/ Show response o360216.ingest.sentry.io/api/5214227/envelope/	2 B 56 B	74ms 72ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o360216.ingest.sentry.io/api/5214227/envelope/?sentry_key=8a330049279f4f76a68c8642a51d27ee&sentry_version=7 Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/static/js/vendors.d96de1db81c09d4da48f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 15 Jul 2024 12:44:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
POST H2	200	/ Show response o360216.ingest.sentry.io/api/5214227/store/	41 B 98 B	74ms 72ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o360216.ingest.sentry.io/api/5214227/store/?sentry_key=8a330049279f4f76a68c8642a51d27ee&sentry_version=7 Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/static/js/vendors.d96de1db81c09d4da48f.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash fed59ed799fac7711d056ba06e132c22d6f75e09cc2d7c512aeff6390d677c53 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 15 Jul 2024 12:44:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41
GET H2	200	457034.gif hexagon-analytics.com/images/	43 B 288 B	756ms 164ms	Image image/gif	34.102.232.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://hexagon-analytics.com/images/457034.gif?bk=9c10cdbac9&tm=43&r=515336921&v=107&cs=UTF-8&h=d1y41vhpk8ahn7.cloudfront.net&l=de-DE&S=93fc79d92be5adbcfe0e17dec7f88e35&uu=f5771b4407e6f653488d1b5ccd06fdf&t=Roasters%20N%20Toasters%20Catering&u=https%3A%2F%2Fd1y41vhpk8ahn7.cloudfront.net%2F&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&nm=2&mh=63196a00446a1e285d1992cfe444aa55&np=5&ph=332b72bdb211e34e6e3c24f88d7c393b&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=-120&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=11&je=false&ss=true&ls=true&in=true&db=false&tl=true&tr=false&ts=false&tb=false&ab=false&cf=fae6548d136db15e45c35040a4cbd54b&z=z Requested by Host: d1y41vhpk8ahn7.cloudfront.net URL: https://d1y41vhpk8ahn7.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.232.102.34.bc.googleusercontent.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 15 Jul 2024 12:44:28 GMT via 1.1 google x-content-type-options nosniff server nginx content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Jan 1970 00:00:00 GMT
GET		icon_geo.svg assets.lunchbox.io/roastersntoasters/images/	0 0
GET H2	200	Gotham_Light.otf assets.lunchbox.io/roastersntoasters/catering/fonts/	29 KB 29 KB	504ms 504ms	Font application/x-font-otf	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.lunchbox.io/roastersntoasters/catering/fonts/Gotham_Light.otf Requested by Host: assets.lunchbox.io URL: https://assets.lunchbox.io/roastersntoasters/catering/css/theme.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 059d87195ac799babfa43fc443028f8dfbfec34e0887f69999b63610ec9a3631 Request headers Referer https://assets.lunchbox.io/roastersntoasters/catering/css/theme.css Origin https://d1y41vhpk8ahn7.cloudfront.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:29 GMT x-amz-version-id VsV81HPiw3wpurJakAo3u7j8u4.W_LTc via 1.1 2c313927575349c92f098e6f1111a7ce.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P6 x-cache Miss from cloudfront content-length 29656 last-modified Tue, 14 Dec 2021 19:06:05 GMT server AmazonS3 etag "f76e3adf545b3299f643fd7642800351" access-control-max-age 3000 access-control-allow-methods GET content-type application/x-font-otf access-control-allow-origin * vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id yLZU-OQ-mRRpWv6kFB_UpToJcQKNPTFQWlmWQq2giQieZ4ChFkFxvQ==
GET H2	200	favicon-32x32.png assets.lunchbox.io/roastersntoasters/images/favicon/	1 KB 2 KB	485ms 484ms	Other image/png	2600:9000:2165:1c00:3:1ffc:9e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.lunchbox.io/roastersntoasters/images/favicon/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2165:1c00:3:1ffc:9e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d3630420b8f311d42974fa29a979a75d97b2b03bb0eb2da08a634b3bbfed91e9 Request headers Referer https://d1y41vhpk8ahn7.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 15 Jul 2024 12:44:30 GMT x-amz-version-id h2RR.4TTyw33JhbR8Ok97U.tGiM5j8AL via 1.1 6b15d1c60d9f387a4132de8eb9595b1e.cloudfront.net (CloudFront) last-modified Tue, 23 Nov 2021 16:54:30 GMT server AmazonS3 x-amz-cf-pop MUC50-P6 etag "af304899edfa894b929d33e23e8153fc" x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 1432 x-amz-cf-id -661OftQ6tqJdxZQPsklC1djk-IB2O_f2tNYydgzLjD-O1Q46_XSiQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

squareup.com

URL

https://squareup.com/v2/paymentform

Domain

patron.lunchbox.io

URL

https://patron.lunchbox.io/v0/patron

Domain

assets.lunchbox.io

URL

https://assets.lunchbox.io/roastersntoasters/images/art_misc.png

Domain

patron.lunchbox.io

URL

https://patron.lunchbox.io/v0/places/

Domain

patron.lunchbox.io

URL

https://patron.lunchbox.io/v0/locations

Domain

patron.lunchbox.io

URL

https://patron.lunchbox.io/v0/menus?menuType=catering&orderType=pickup

Domain

assets.lunchbox.io

URL

https://assets.lunchbox.io/roastersntoasters/images/icon_geo.svg

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkStripeJSouter function| noop function| Stripe object| AppleID string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| webpackJsonp object| google_tag_data object| gaplugins object| __SENTRY__ object| scCGSHMRCache function| _ object| _sift function| __siftFlashCB object| PluginDetect

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.js.squareup.com/	1970-01-20 22:04:09	Name: __cf_bm Value: WTfrF9RvSpTvJmNWx5l_jOyMLI6dzDTcHs448ufxoig-1721047465-1.0.1.1-km7jsNcki3xEltWCQcSBoukFl4CjWtEra5139jEdzgOgLFYY.72mJ8tqMT8hGv1XURdHMX_lvuT9y6UXSw9FOA
			.squareup.com/	1970-01-20 22:04:09	Name: __cf_bm Value: VOLhzrbtgwh8g_O.y0O0eik8GJmG8qjUuVHbx4KRmGU-1721047466-1.0.1.1-v.ipZ6aUU8pmnL1tWVitMgu1NNC2VU.PCEg2Qy.X_eA467DXzfjbeOAA0TVwqFkaVkYo2lExhdTQTS8gKaPHfw
			m.stripe.com/	1970-01-21 07:40:07	Name: m Value: 8fb95b66-6d13-43a6-8462-32d6fde051640c4abb
			.d1y41vhpk8ahn7.cloudfront.net/	1970-01-21 06:49:43	Name: __stripe_mid Value: e07d34e5-9502-4899-bebe-664506630a18232d58
			.d1y41vhpk8ahn7.cloudfront.net/	1970-01-20 22:04:09	Name: __stripe_sid Value: 894d11f5-6da6-46a0-beb4-10b4af12f11cf473fb

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://d1y41vhpk8ahn7.cloudfront.net/ Message: Access to XMLHttpRequest at 'https://patron.lunchbox.io/v0/patron' from origin 'https://d1y41vhpk8ahn7.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://patron.lunchbox.io/v0/patron Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://d1y41vhpk8ahn7.cloudfront.net/ Message: Access to XMLHttpRequest at 'https://patron.lunchbox.io/v0/places/' from origin 'https://d1y41vhpk8ahn7.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://patron.lunchbox.io/v0/places/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://d1y41vhpk8ahn7.cloudfront.net/ Message: Access to XMLHttpRequest at 'https://patron.lunchbox.io/v0/locations' from origin 'https://d1y41vhpk8ahn7.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://patron.lunchbox.io/v0/locations Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://d1y41vhpk8ahn7.cloudfront.net/ Message: Access to XMLHttpRequest at 'https://patron.lunchbox.io/v0/menus?menuType=catering&orderType=pickup' from origin 'https://d1y41vhpk8ahn7.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://patron.lunchbox.io/v0/menus?menuType=catering&orderType=pickup Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appleid.cdn-apple.com
assets.lunchbox.io
cdn.sift.com
connect.facebook.net
d1y41vhpk8ahn7.cloudfront.net
hexagon-analytics.com
js.stripe.com
o360216.ingest.sentry.io
patron.lunchbox.io
squareup.com
www.google-analytics.com
assets.lunchbox.io
patron.lunchbox.io
squareup.com
151.101.0.176
18.65.39.126
23.196.235.139
2600:9000:20ab:8800:4:45c7:f4c0:93a1
2600:9000:2165:1c00:3:1ffc:9e80:93a1
2606:4700:4400::ac40:906e
2a00:1450:4001:82f::200e
2a03:2880:f084:d:face:b00c:0:3
34.102.232.42
34.120.195.249
34.96.67.224
059d87195ac799babfa43fc443028f8dfbfec34e0887f69999b63610ec9a3631
0826047154e04ac9b85a0369e2654594aa3211ad757f604ac848071da8069786
10ec464febb7b92ed105d94da994f32989ff1d0795c0013460b5e2a7769934f2
19d51ae0ff9896b08ca5401d52f4996db66403b0adc95c95803b798bafe0f0c2
30e23a8e9224248536f6a36c6e82028c8c4f88d6a354519722ca0eef3bcee8c0
3166eecdcbf2e0e9c156c45526150bc3b181462cf76777fcff39c0829eda4959
4019beb2db47d4619d15d1fe19fa7918a724e88026f5b9aeee57587406fafea7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5216b9d772565e7c7e33e5d4641db8ad8778f7b035320aa97f2dbc0f0ab47385
5cf8b7d326336d33658f8d85892161bff4eca06a5f2b27584028e8b5c3b05beb
67d47cbb1632d118490218a8023dfc2d563befd10c3d35af6fcd6f7241fe0c35
6a3cc07650ff8ab071d7ff8b7dd0c1fb3c57b1b8ddbfde5df31ca17bb6b34fc5
73906739fae46b7e1881d2f639aab7e5781f57bdc1ed266b9f45dc56a8c230fa
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b1be432f1084c7e1709b316aa62e0865cf6c41c5370032594d4b77a89c64f89e
b434b49bc20b81de103725f584388bceafec15a9d5e3c396086c7995a1c8eb68
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
cf9959a2c07f6b02b27081eb6bff39aa0b1138b55ea9c51bdddad60e4a4a8508
d3630420b8f311d42974fa29a979a75d97b2b03bb0eb2da08a634b3bbfed91e9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6d18d2267435f35a8e6455d24e00eb093e8ed094afaf711d8b16300816945e
e20e1e1cdae6d7e280af2ffb8d1f28567388c089a707b67ec0706a43a34b5299
fed59ed799fac7711d056ba06e132c22d6f75e09cc2d7c512aeff6390d677c53
ff7f3727cb2c87831ffb250878c7302c4f16e4046cc384ac439b32273619eaf3