myfoodbagidentity.b2clogin.com Open in urlscan Pro
2603:1017:0:78::1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://account-legacy.myfoodbag.co.nz/ Page URL
2. https://myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/b2c_1a_signin/oauth2/v2.0/authorize?client_id=e4daba4f-7b3b-40da-a924-d52d4e11cfb8&redirect_uri=https%3A%2F%2Faccount-legacy.myfoodbag.co.nz%2Fmy-account%2Fredirect%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-AccountAPI%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-OrderFormAPI&state=677e2039a6364e498b93dc3bfd9494e7&nonce=20e0437e38684984a1d27e9ba2ed8f90 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response account-legacy.myfoodbag.co.nz/	116 KB 49 KB	662ms 588ms	Document text/html	2606:4700:3108::ac42:2ba0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-legacy.myfoodbag.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2ba0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24ad6f3b474aae307327400a4fbd7f742aec1830009dd89a8336d64617ce8b76 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers cache-control public, must-revalidate, max-age=30 cf-apo-via origin,host cf-cache-status DYNAMIC cf-ray 8c3d19074e5b1c59-AKL content-encoding br content-type text/html date Mon, 16 Sep 2024 01:31:35 GMT last-modified Wed, 11 Sep 2024 00:36:23 GMT referrer-policy same-origin server cloudflare strict-transport-security max-age=10886400; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 1; mode=block
GET H2	200	style.min.css mfbstatic.azureedge.net/style/fresh-start/b9016c453b9eab461c16c6d8312fa7f6/	228 KB 45 KB	235ms 57ms	Stylesheet text/css	2606:2800:147:120f:30c:1ba0:fc6:265a EDGECAST
General Check archive.org Show headers Download Go to Full URL https://mfbstatic.azureedge.net/style/fresh-start/b9016c453b9eab461c16c6d8312fa7f6/style.min.css Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:147:120f:30c:1ba0:fc6:265a , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E79F) / Resource Hash f698cd38843bd531bec47f59fd64d6ea06cfc55cff958150c938515fa5c7bdcf Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 16 Sep 2024 01:31:35 GMT content-encoding gzip age 15067134 x-cache HIT content-length 45170 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 21 Mar 2024 00:00:04 GMT server ECAcc (nwa/E79F) etag "0x8DC4939DC709200+gzip" vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 0a7fcf5e-901e-005a-61cf-7e1c53000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000, public, immutable x-ms-version 2014-02-14
GET H2	200	main.a9de0b6b.js Show response account-legacy.myfoodbag.co.nz/static/js/	5 MB 1 MB	772ms 772ms	Script text/javascript	2606:4700:3108::ac42:2ba0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-legacy.myfoodbag.co.nz/static/js/main.a9de0b6b.js Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2ba0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ea484fcd70f69fe5741f81fefcb0e497f3d593782da9e548cb120a9dd9410bb Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://account-legacy.myfoodbag.co.nz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:36 GMT strict-transport-security max-age=10886400; includeSubDomains; preload referrer-policy same-origin x-content-type-options nosniff last-modified Wed, 11 Sep 2024 00:36:23 GMT server cloudflare cf-cache-status MISS content-encoding br etag W/"18897220" vary Accept-Encoding x-dns-prefetch-control off content-type text/javascript cache-control public, max-age=31536000, must-revalidate cf-ray 8c3d190b09641c59-AKL x-xss-protection 1; mode=block
GET H2	200	main.2b140a56.css account-legacy.myfoodbag.co.nz/static/css/	30 KB 5 KB	594ms 594ms	Stylesheet text/css	2606:4700:3108::ac42:2ba0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-legacy.myfoodbag.co.nz/static/css/main.2b140a56.css Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2ba0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b3b58c487b8617146524a65483d5fd5a662f1ac51b0bac75e737ff8f87081f4 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://account-legacy.myfoodbag.co.nz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:36 GMT strict-transport-security max-age=10886400; includeSubDomains; preload referrer-policy same-origin x-content-type-options nosniff last-modified Wed, 11 Sep 2024 00:36:23 GMT server cloudflare cf-cache-status MISS content-encoding br etag W/"18897220" vary Accept-Encoding x-dns-prefetch-control off content-type text/css cache-control public, max-age=31536000, must-revalidate cf-ray 8c3d190b09621c59-AKL x-xss-protection 1; mode=block
GET H3	200	raven.min.js Show response cdnjs.cloudflare.com/ajax/libs/raven.js/raven-js@3.26.4/	37 KB 12 KB	76ms 41ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/raven.js/raven-js@3.26.4/raven.min.js Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2e166c267f5718c1b95131d0400700d6d7a7fc3229b8f193403071f5c4f7b22 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://account-legacy.myfoodbag.co.nz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 199805 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 12142 last-modified Mon, 04 May 2020 16:15:49 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fb5-92e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I15uEitTiOA04sfCuE9seHsvSLGljp0OUaYoLU4Oo0JfjFH8k3D9COIZVp5btf%2BH9AGyZMLdJNFWv9k0CFW6ALdkw%2BO3HyMMjy1BQR%2Bm9RtGs%2BilO9FizuhBkGIoB6F9ARh0O8PS"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8c3d190b5e061c4c-AKL expires Sat, 06 Sep 2025 01:31:35 GMT
GET H2	200	vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	127ms 56ms	Script text/javascript	2606:4700::6810:5049 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Request headers Referer Origin https://account-legacy.myfoodbag.co.nz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:36 GMT content-encoding gzip last-modified Thu, 06 Jun 2024 15:52:56 GMT server cloudflare etag W/"2024.6.1" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 8c3d19115a03d9b3-AKL
GET H2	200	3392ce hello.myfonts.net/count/	0 355 B	123ms 45ms	Stylesheet text/css	2606:4700::6812:d0ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hello.myfonts.net/count/3392ce Requested by Host: mfbstatic.azureedge.net URL: https://mfbstatic.azureedge.net/style/fresh-start/b9016c453b9eab461c16c6d8312fa7f6/style.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700::6812:d0ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:35 GMT server cloudflare age 1 expect-ct null vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes cf-ray 8c3d190d5a3c725c-AKL content-length 0 expires Tue, 16 Sep 2025 01:31:35 GMT
GET H2	200	css2 fonts.googleapis.com/	4 KB 1 KB	645ms 248ms	Stylesheet text/css	2404:6800:4006:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200..1000;1,200..1000&display=swap Requested by Host: mfbstatic.azureedge.net URL: https://mfbstatic.azureedge.net/style/fresh-start/b9016c453b9eab461c16c6d8312fa7f6/style.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:810::200a Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7d38cf48db41a250c7256cb7295f9b818bbd8cb75745c3a975174da27d021082 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 16 Sep 2024 01:31:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 16 Sep 2024 00:22:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 16 Sep 2024 01:31:36 GMT
GET H2	200	gtm.js www.googletagmanager.com/	476 KB 125 KB	654ms 258ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/static/js/main.a9de0b6b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127337 x-xss-protection 0 last-modified Mon, 16 Sep 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 16 Sep 2024 01:31:37 GMT
GET H2	200	j.php Show response dev.visualwebsiteoptimizer.com/	3 KB 1 KB	220ms 84ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=351892&u=https%3A%2F%2Faccount-legacy.myfoodbag.co.nz%2F&f=1&r=0.6648347735372233 Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/static/js/main.a9de0b6b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gsyd2 / Resource Hash cd093c47bea84601a3d9696c38eb9da8e827c84142b4ad82dcf9e7e8a227c9cf Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:36 GMT content-encoding gzip via 1.1 google server gsyd2 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	141ms 66ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/static/js/main.a9de0b6b.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash 57d7863ddf444368a1e8e1911b0127cade28c8bf2e58c452a3e6cd75b517eff6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 16 Sep 2024 01:31:36 GMT content-md5 7DA+y2scZMgGfqzDY2UBtg== document-policy force-load-at-top x-fb-server-load 22 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1687 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4421, tp=9, tpl=0, uplat=0, ullat=-1 x-fb-debug C5Yi81jSD3Y+kDHhu4D2nI68zdCdE7Moagj6X6Gdlt76O37n6CIP+Fn+oxpn0fM4S3VezlhUITHTWFEUdPTmzQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 479e1c0e51cfd1d587e65daf2882a926 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "6b09b42111cf6ea32735ceb16e64b923" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * priority u=3,i expires Mon, 16 Sep 2024 01:33:25 GMT
GET H/1.1	200 OK	openid-configuration myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/B2C_1A_Signin/v2.0/.well-known/	1 KB 2 KB	590ms 394ms	XHR application/json	2603:1016:1400:70::3 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/B2C_1A_Signin/v2.0/.well-known/openid-configuration Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/static/js/main.a9de0b6b.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1016:1400:70::3 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Mon, 16 Sep 2024 01:31:36 GMT X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods GET, OPTIONS Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://account-legacy.myfoodbag.co.nz Public OPTIONS,TRACE,GET,HEAD,POST Cache-Control no-store, must-revalidate, no-cache Allow OPTIONS, TRACE, GET, HEAD, POST x-ms-gateway-requestid a4aa2114-0fea-4e41-9343-23796f8e2e17 Content-Length 1442 X-XSS-Protection 1; mode=block
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	300 KB 86 KB	132ms 66ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=2709929047a376cbdcf688583cfae700 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash 8f93a53774300cffde53b2d2518dc1cac551553e192185c1c62709e31c42a877 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer Origin https://account-legacy.myfoodbag.co.nz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 16 Sep 2024 01:31:37 GMT content-md5 zxFL78H5EjFEaIJk6aqkbA== document-policy force-load-at-top x-fb-server-load 62 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87760 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=0, ullat=-1 x-fb-debug SoHdYyw2pJV6dSMxGIkTyZQoe5moKgr8x6XhAd5qH7eZAl7ok3EUNf1oL7OHZcsn81J3PbBdRqcFDxljUGy9fw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 59a7d5d518dd40d4b900a5a9064ded1e cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "6cd6f1a0d91ee9a9d1575009d649583c" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * priority u=3,i expires Mon, 15 Sep 2025 23:19:41 GMT
OPTIONS H2	204	track dc.services.visualstudio.com/v2/	0 0	377ms 131ms	Preflight	20.213.196.214 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.213.196.214 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers content-type,sdk-context Access-Control-Request-Method POST Origin https://account-legacy.myfoodbag.co.nz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context access-control-allow-methods POST access-control-allow-origin * access-control-max-age 3600 date Mon, 16 Sep 2024 01:31:37 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
GET H/1.1	200 OK	Primary Request authorize Show response myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/b2c_1a_signin/oauth2/v2.0/	151 KB 65 KB	869ms 699ms	Document text/html	2603:1017:0:78::1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/b2c_1a_signin/oauth2/v2.0/authorize?client_id=e4daba4f-7b3b-40da-a924-d52d4e11cfb8&redirect_uri=https%3A%2F%2Faccount-legacy.myfoodbag.co.nz%2Fmy-account%2Fredirect%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-AccountAPI%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-OrderFormAPI&state=677e2039a6364e498b93dc3bfd9494e7&nonce=20e0437e38684984a1d27e9ba2ed8f90 Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/static/js/main.a9de0b6b.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1017:0:78::1 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash dd81cafee4811e477f79e705fc7a7d1641ab3aa5354d0bb68d62c887c76f7f51 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Allow OPTIONS TRACE GET HEAD POST Cache-Control no-store, must-revalidate, no-cache Content-Encoding gzip Content-Length 63963 Content-Type text/html; charset=utf-8 Date Mon, 16 Sep 2024 01:31:37 GMT Expires -1 Public OPTIONS,TRACE,GET,HEAD,POST Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding X-Build 1.1.249.0 X-Content-Type-Options nosniff X-Frame-Options DENY X-Request-ID 85f4f24b-cb4a-4d59-8914-6ea2864dcfcd X-UA-Compatible IE=edge X-XSS-Protection 1; mode=block x-ms-gateway-requestid e0deea79-f2c8-4bb1-b419-b232d20171e5
POST H2	200	track dc.services.visualstudio.com/v2/	96 B 200 B	165ms 164ms	Fetch application/json	20.213.196.214 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/static/js/main.a9de0b6b.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.213.196.214 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer sdk-context appId User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * strict-transport-security max-age=31536000 date Mon, 16 Sep 2024 01:31:37 GMT x-content-type-options nosniff server Microsoft-HTTPAPI/2.0 content-type application/json; charset=utf-8
GET H2	200	js www.googletagmanager.com/gtag/	153 KB 0	251ms 250ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XX6JNH00KW&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 105463 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 16 Sep 2024 01:31:37 GMT
GET H2	200	js www.googletagmanager.com/gtag/	77 KB 0	333ms 333ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-HBN0268M93&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 97760 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 16 Sep 2024 01:31:37 GMT
GET H2	200	destination www.googletagmanager.com/gtag/	85 KB 0	272ms 272ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-782461330&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 86629 x-xss-protection 0 last-modified Mon, 16 Sep 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 16 Sep 2024 01:31:37 GMT
GET H2	200	destination www.googletagmanager.com/gtag/	88 KB 0	283ms 283ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-957843104&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 87940 x-xss-protection 0 last-modified Mon, 16 Sep 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 16 Sep 2024 01:31:37 GMT
GET H2	200	destination www.googletagmanager.com/gtag/	47 KB 0	297ms 297ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-840566714&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94633 x-xss-protection 0 last-modified Mon, 16 Sep 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 16 Sep 2024 01:31:37 GMT
GET H2	200	destination www.googletagmanager.com/gtag/	44 KB 0	321ms 321ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-12267466&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78952 x-xss-protection 0 last-modified Mon, 16 Sep 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 16 Sep 2024 01:31:37 GMT
GET		events.js analytics.tiktok.com/i18n/pixel/	0 0
GET		events.js analytics.tiktok.com/i18n/pixel/	0 0
GET		events.js analytics.tiktok.com/i18n/pixel/	0 0
GET H2	200	bat.js bat.bing.com/	49 KB 14 KB	359ms 178ms	Script application/javascript	2620:1ec:33::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Mon, 16 Sep 2024 01:31:37 GMT last-modified Fri, 06 Sep 2024 21:17:16 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 24B5CEDC7C8C462A86D3925832407882 Ref B: SYD03EDGE2014 Ref C: 2024-09-16T01:31:38Z etag "016326a20db1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 14305
GET		collect.js 7285283.collect.igodigital.com/	0 0
GET H3	200	B22437878.242476087;sz=1x2;ord=1832637532 ad.doubleclick.net/ddm/adj/N1017868.197812NSO.CODESRV/	43 KB 17 KB	365ms 198ms	Script text/javascript	142.251.221.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1017868.197812NSO.CODESRV/B22437878.242476087;sz=1x2;ord=1832637532?517282874527? Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.70 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 16 Sep 2024 01:31:38 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16913 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	B22453672.242351795;sz=1x2;ord=2123369379 ad.doubleclick.net/ddm/adj/N1017868.197812NSO.CODESRV/	43 KB 17 KB	366ms 200ms	Script text/javascript	142.251.221.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1017868.197812NSO.CODESRV/B22453672.242351795;sz=1x2;ord=2123369379?846300796569? Requested by Host: account-legacy.myfoodbag.co.nz URL: https://account-legacy.myfoodbag.co.nz/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.70 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 16 Sep 2024 01:31:38 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16912 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	clicktrue_invocation.js ob.cheqzone.com/	107 KB 40 KB	215ms 74ms	Script text/javascript	18.65.244.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ob.cheqzone.com/clicktrue_invocation.js?id=6936 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.244.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-244-19.syd3.r.cloudfront.net Software Caddy / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 00:58:55 GMT content-encoding gzip via 1.1 900141041f08038f9452e4f1a092ecd2.cloudfront.net (CloudFront) server Caddy x-amz-cf-pop SYD3-P1 age 1969 etag "1ad7a-JFGvzsbzrrIBaZW6BP1L7GEJy90" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control max-age=43200 content-length 40174 x-amz-cf-id Epom7N7aK2PIjuA1RP0rtN1CjrQGgzCNX3jboMvNkruxHFAkHmC5WQ== expires Mon, 16 Sep 2024 12:58:48 GMT
GET		index.min.js wheelioapp.azureedge.net/app/	0 0
GET H3	200	fbevents.js connect.facebook.net/en_US/	225 KB 58 KB	67ms 67ms	Script application/x-javascript	157.240.8.23 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-syd2.fbcdn.net Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 16 Sep 2024 01:31:37 GMT document-policy force-load-at-top x-fb-server-load 50 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58953 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=67, rtx=0, c=26, mss=1232, tbw=8325, tp=15, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug KF3XBSCoj8JisUI40h5hFOpraADXUQ8b3WK4IMFW5Aq85t8DZhcc9Y2C8c1fTtjmB1ijliuv9S/gL6cfETxSSw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET		/ 90f840a06bfc484cae74128b2b396c70.js.ubembed.com/	0 0
GET H2	200	snippet.js static.zdassets.com/ekr/	10 KB 5 KB	116ms 44ms	Script application/javascript	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=175098f7-23a4-41c9-a37c-4ee32273a14f Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR5NZX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 16 Sep 2024 01:31:38 GMT x-amz-version-id FkgGJxeVVNjmEhoAGFYT4yGKQLf728f6 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id PP11KBE4DE84MVGN age 43 x-amz-server-side-encryption AES256 x-amz-replication-status PENDING x-amz-id-2 SRWe0M1Q42B4VYOfo+2r3smcJWGwpKWgLLXbyf5Q204Gu5fyP6cuCymJqq6NLPbgLMy7e6eT6Co= last-modified Tue, 10 Sep 2024 11:42:28 GMT server cloudflare etag W/"d90dbb2a9f98c3c53cd0f1d480381e2e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zJz9bRE59IkQGCC1L4lVpwIcGVH4LHGo6nZU1IpHAq3csHLQt3NbSBAtaZ6vVQlgGxGzozumdpNegLBdmLIcQw7HUKK8KgxmAMwXz7xNK6mm4L5P6K2g01N7QgHotfMw9jwUj0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control public, max-age=3600, s-maxage=60 access-control-max-age 0 cf-ray 8c3d191b1c0e1c5a-AKL access-control-allow-headers *
GET		795576031821178 connect.facebook.net/signals/config/	0 0
GET		343122728.js bat.bing.com/p/action/	0 0
GET		ufs_web_display.js pagead2.googlesyndication.com/pagead/managed/js/activeview/current/	0 0
GET		omrhp.js pagead2.googlesyndication.com/pagead/js/r20240911/r20110914/elements/html/	0 0
GET		view googleads4.g.doubleclick.net/pcs/	0 0
GET		view googleads4.g.doubleclick.net/pcs/	0 0
GET H2	200	Signin.html Show response auth.myfoodbag.co.nz/adb2c/0.1.11/custom/	7 KB 3 KB	251ms 175ms	XHR text/html	2606:4700:3108::ac42:2860 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth.myfoodbag.co.nz/adb2c/0.1.11/custom/Signin.html Requested by Host: myfoodbagidentity.b2clogin.com URL: https://myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/b2c_1a_signin/oauth2/v2.0/authorize?client_id=e4daba4f-7b3b-40da-a924-d52d4e11cfb8&redirect_uri=https%3A%2F%2Faccount-legacy.myfoodbag.co.nz%2Fmy-account%2Fredirect%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-AccountAPI%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-OrderFormAPI&state=677e2039a6364e498b93dc3bfd9494e7&nonce=20e0437e38684984a1d27e9ba2ed8f90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2860 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22d57b5ab8444d273afc91dc8d257c18c86b32f9552c12528ac2bfec2a12ca9e Request headers Referer https://myfoodbagidentity.b2clogin.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 16 Sep 2024 01:31:38 GMT content-encoding br cf-cache-status DYNAMIC content-md5 XzBLQA360BSM2L1M9mP+nQ== x-cache CONFIG_NOCACHE x-ms-lease-status unlocked last-modified Wed, 28 Aug 2024 02:29:11 GMT server cloudflare vary Origin, Accept-Encoding x-azure-ref 20240916T013138Z-1596549d49b7kpgp793qp0q6gc00000006a0000000008f53 content-type text/html access-control-allow-origin https://myfoodbagidentity.b2clogin.com x-ms-request-id 238ff16d-101e-006a-50d8-07a501000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-credentials true x-ms-version 2009-09-19 cf-apo-via origin,host cf-ray 8c3d191dbeb4d9b8-AKL
GET H2	200	ai.0.js Show response az416426.vo.msecnd.net/scripts/a/	94 KB 22 KB	234ms 59ms	Script application/x-javascript	2606:2800:147:120f:30c:1ba0:fc6:265a EDGECAST
General Check archive.org Show headers Download Go to Full URL https://az416426.vo.msecnd.net/scripts/a/ai.0.js Requested by Host: myfoodbagidentity.b2clogin.com URL: https://myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/b2c_1a_signin/oauth2/v2.0/authorize?client_id=e4daba4f-7b3b-40da-a924-d52d4e11cfb8&redirect_uri=https%3A%2F%2Faccount-legacy.myfoodbag.co.nz%2Fmy-account%2Fredirect%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-AccountAPI%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-OrderFormAPI&state=677e2039a6364e498b93dc3bfd9494e7&nonce=20e0437e38684984a1d27e9ba2ed8f90 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:147:120f:30c:1ba0:fc6:265a , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E79C) / Resource Hash 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e Request headers Referer https://myfoodbagidentity.b2clogin.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 16 Sep 2024 01:31:38 GMT content-encoding gzip x-ms-meta-lastmodified 2020-10-01 19:31:04 content-md5 HdY95yzx9wIyQkVEGES+Ew== age 347 x-cache HIT content-length 22495 x-ms-lease-status unlocked last-modified Thu, 11 Mar 2021 07:46:59 GMT server ECAcc (nwa/E79C) etag 0x8D8E461DA1A5889 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 20d9ffa8-201e-00ea-07d7-07e7f1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800 x-ms-version 2009-09-19 expires Mon, 16 Sep 2024 02:01:38 GMT
GET H2	200	logo-header.png auth.myfoodbag.co.nz/adb2c/0.1.11/custom/	13 KB 13 KB	105ms 41ms	Image image/png	2606:4700:3108::ac42:2860 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://auth.myfoodbag.co.nz/adb2c/0.1.11/custom/logo-header.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2860 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccc72ee0d6d5a26f966b4781df137aba1d7e3f2fc2165293ad5809bf197186ad Request headers Referer https://myfoodbagidentity.b2clogin.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 16 Sep 2024 01:31:38 GMT cf-cache-status HIT content-md5 xfKdRu5upb04OJ9ftaNP+w== age 1198 cf-polished origSize=21655, status=vary_header_present x-cache CONFIG_NOCACHE content-length 13238 x-ms-lease-status unlocked cf-bgj imgq:100,h2pri last-modified Wed, 28 Aug 2024 02:29:11 GMT server cloudflare etag 0x8DCC70933735C0B vary Origin, Accept-Encoding x-azure-ref 20240911T025712Z-1748795bb76g6l5q8pfu2agsks0000000v1g00000000avcb content-type image/png x-ms-request-id 0af1e987-201e-005e-2ff6-0396c9000000 cache-control max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8c3d191f3f46d9ac-AKL
GET H2	200	ftn85-webfont.woff2 mfbstatic.azureedge.net/style/my-food-bag/fonts/	14 KB 14 KB	228ms 58ms	Font font/woff2	2606:2800:147:120f:30c:1ba0:fc6:265a EDGECAST
General Check archive.org Show headers Download Go to Full URL https://mfbstatic.azureedge.net/style/my-food-bag/fonts/ftn85-webfont.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:147:120f:30c:1ba0:fc6:265a , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7D3) / Resource Hash 806637cb8beafc8ef08ca44e93ae9641a9a8959985d9532487e853b9151cd0aa Request headers Referer https://myfoodbagidentity.b2clogin.com/ Origin https://myfoodbagidentity.b2clogin.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 16 Sep 2024 01:31:38 GMT age 15067189 x-cache HIT content-length 14040 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 21 Mar 2024 00:00:07 GMT server ECAcc (nwa/E7D3) etag "0x8DC4939DEC025F8" content-type font/woff2 access-control-allow-origin * x-ms-request-id 91193d58-f01e-0063-68cf-7ee74f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000, public, immutable x-ms-version 2014-02-14 accept-ranges bytes
GET H2	200	ftn45-webfont.woff2 mfbstatic.azureedge.net/style/my-food-bag/fonts/	19 KB 20 KB	227ms 57ms	Font font/woff2	2606:2800:147:120f:30c:1ba0:fc6:265a EDGECAST
General Check archive.org Show headers Download Go to Full URL https://mfbstatic.azureedge.net/style/my-food-bag/fonts/ftn45-webfont.woff2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:147:120f:30c:1ba0:fc6:265a , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7A7) / Resource Hash 06082e97d3199938e665461d7ed33aa445cdcc4c0d66dbe73239c727291bfd38 Request headers Referer https://myfoodbagidentity.b2clogin.com/ Origin https://myfoodbagidentity.b2clogin.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 16 Sep 2024 01:31:38 GMT age 15066277 x-cache HIT content-length 19536 x-ms-lease-state available x-ms-lease-status unlocked last-modified Thu, 21 Mar 2024 00:00:06 GMT server ECAcc (nwa/E7A7) etag "0x8DC4939DE1259FC" content-type font/woff2 access-control-allow-origin * x-ms-request-id 5f3a0ac7-701e-001f-68d1-7ec9b0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000, public, immutable x-ms-version 2014-02-14 accept-ranges bytes
POST H/1.1	200 OK	perftrace Show response myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/B2C_1A_Signin/client/	0 447 B	421ms 419ms	XHR text/plain	2603:1017:0:78::1 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/B2C_1A_Signin/client/perftrace?tx=StateProperties=eyJUSUQiOiI4NWY0ZjI0Yi1jYjRhLTRkNTktODkxNC02ZWEyODY0ZGNmY2QifQ&p=B2C_1A_Signin Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1017:0:78::1 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://myfoodbagidentity.b2clogin.com/60ee7e55-202d-469d-9ed7-42a9a46fb866/b2c_1a_signin/oauth2/v2.0/authorize?client_id=e4daba4f-7b3b-40da-a924-d52d4e11cfb8&redirect_uri=https%3A%2F%2Faccount-legacy.myfoodbag.co.nz%2Fmy-account%2Fredirect%2Fsignin&response_type=id_token%20token&scope=openid%20profile%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-AccountAPI%20https%3A%2F%2Fmyfoodbagidentity.onmicrosoft.com%2Fcba552dd-b7a8-4b7d-91f5-10af6afdca80%2FMFB-OrderFormAPI&state=677e2039a6364e498b93dc3bfd9494e7&nonce=20e0437e38684984a1d27e9ba2ed8f90 X-Requested-With XMLHttpRequest X-CSRF-TOKEN Tkt5Ylg3bWRUWU5keHVqU3d4Yks2WUNXZUszamVQVSsyRXZkNG02T21DWldvVmJzZkUyZTNOSW8wSzVCcWkvWWFzYmNNcFNuT0hFMWJlNnR0c3lpQmc9PTsyMDI0LTA5LTE2VDAxOjMxOjM3LjkyNzU5MDRaO0NWbmp0THF0TUhHb3RwVElFN0ltSnc9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoyfQ== Request-Id |YVvQf.Gwq9Z User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Mon, 16 Sep 2024 01:31:38 GMT X-Content-Type-Options nosniff Allow OPTIONS, TRACE, GET, HEAD, POST X-Frame-Options DENY Public OPTIONS,TRACE,GET,HEAD,POST Cache-Control no-store, must-revalidate, no-cache x-ms-gateway-requestid 257c7a13-b36c-4aa6-b2ac-608e37a66f0f Content-Length 0 X-XSS-Protection 1; mode=block
OPTIONS H2	204	track dc.services.visualstudio.com/v2/	0 0	338ms 131ms	Preflight	20.213.196.214 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.213.196.214 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers content-type,sdk-context Access-Control-Request-Method POST Origin https://myfoodbagidentity.b2clogin.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context access-control-allow-methods POST access-control-allow-origin * access-control-max-age 3600 date Mon, 16 Sep 2024 01:31:38 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
POST H2	200	track Show response dc.services.visualstudio.com/v2/	96 B 200 B	167ms 166ms	XHR application/json	20.213.196.214 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.213.196.214 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash 8a6142a353cd479eee9697c89e83861ebc0fb903a4ba1df2250d59db42a3dfaa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://myfoodbagidentity.b2clogin.com/ Sdk-Context appId User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/json Response headers access-control-allow-origin * strict-transport-security max-age=31536000 date Mon, 16 Sep 2024 01:31:38 GMT x-content-type-options nosniff server Microsoft-HTTPAPI/2.0 content-type application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

analytics.tiktok.com

URL

https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CM165JJC77UBFHFT1ET0&lib=ttq

Domain

analytics.tiktok.com

URL

https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CM166SRC77UDBRR1E9BG&lib=ttq

Domain

analytics.tiktok.com

URL

https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CM11G9RC77UEEQ9OQ270&lib=ttq

Domain

7285283.collect.igodigital.com

URL

https://7285283.collect.igodigital.com/collect.js

Domain

wheelioapp.azureedge.net

URL

https://wheelioapp.azureedge.net/app/index.min.js?v=1726450297889

Domain

90f840a06bfc484cae74128b2b396c70.js.ubembed.com

URL

https://90f840a06bfc484cae74128b2b396c70.js.ubembed.com/

Domain

connect.facebook.net

URL

https://connect.facebook.net/signals/config/795576031821178?v=2.9.167&r=stable&domain=account-legacy.myfoodbag.co.nz&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Domain

bat.bing.com

URL

https://bat.bing.com/p/action/343122728.js

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=r20110914

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/js/r20240911/r20110914/elements/html/omrhp.js

Domain

googleads4.g.doubleclick.net

URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstweRLjvfXmvSNRcGZ8IfGdUERNhHsJAO6dDeXog4-vS_qwhA42R8MewfHY3qrM3ogNySQjUQrVbhmJACuk8lMZKS3CRwjAB-Ylvxf9mfU2whKR5cAPqCufn5vkDLUVmcZOcRQBuqIG4US7Pw&sai=AMfl-YQVM3TT0tu6bz40qhdbDuVDlvIIEs-hF22B7YPd4ndAu21XeI7E1lXOxWFN00BDjYK0S_PU36uiN8XC&sig=Cg0ArKJSzM6wQe13D14cEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20240911.20122&arae=1&ftch=1&adurl=

Domain

googleads4.g.doubleclick.net

URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJZeuH0eJFQ0Tnv-jo95qrrisi0o9IgPcHbmtXW5tzDcIuy9XQdv_ZeVE8EGPe6eKZUESlxI42lei9bfFNDrYruTQNK3I2-bhniVLWD4PGmoHsBjCl9wtm55dhvyA2v3q_kmsDiHkyxHZdRg&sai=AMfl-YS6qdLMAa3yLxVtuqOtc4HTPc_6Wjm1KLbG_FqTIEMIHcaqVEJPzOZSNfCMn4Tol3kZSQzVE8irY6L_&sig=Cg0ArKJSzPqt2zpNf-LoEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20240911.98957&arae=1&ftch=1&adurl=