order.carnaby.sg Open in urlscan Pro
172.66.40.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://order.carnaby.sg/
Submission: On December 02 via api (December 2nd 2024, 9:52:49 am UTC) from US — Scanned from SG

Summary HTTP 44 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 44 HTTP transactions. The main IP is 172.66.40.122, located in United States and belongs to CLOUDFLARENET, US. The main domain is order.carnaby.sg.
TLS certificate: Issued by WE1 on December 2nd 2024. Valid for: 3 months.

This is the only time order.carnaby.sg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	172.66.40.122 172.66.40.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.253.118.95 172.253.118.95	15169 (GOOGLE) (GOOGLE)
6	23.45.207.198 23.45.207.198	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.253.118.94 172.253.118.94	15169 (GOOGLE) (GOOGLE)
3	172.253.118.207 172.253.118.207	15169 (GOOGLE) (GOOGLE)
44	7

27 172.66.40.122 (United States)

ASN13335 (CLOUDFLARENET, US)

order.carnaby.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.atlas.kitchen	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ph.atlas.kitchen	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.45.207.198 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-45-207-198.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o514330.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.118.207 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f207.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	atlas.kitchen api.atlas.kitchen ph.atlas.kitchen	16 KB
10	carnaby.sg order.carnaby.sg	2 MB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 maps.googleapis.com — Cisco Umbrella Rank: 466 storage.googleapis.com — Cisco Umbrella Rank: 314	993 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 460 p.typekit.net — Cisco Umbrella Rank: 571	55 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	sentry.io o514330.ingest.sentry.io	300 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
44	7

	Domain	Requested by
15	api.atlas.kitchen	order.carnaby.sg
10	order.carnaby.sg	order.carnaby.sg
4	maps.googleapis.com	order.carnaby.sg maps.googleapis.com
4	use.typekit.net	order.carnaby.sg use.typekit.net
3	storage.googleapis.com	order.carnaby.sg
2	ph.atlas.kitchen	order.carnaby.sg
2	p.typekit.net	use.typekit.net
1	fonts.gstatic.com	fonts.googleapis.com
1	o514330.ingest.sentry.io	order.carnaby.sg
1	static.cloudflareinsights.com	order.carnaby.sg
1	fonts.googleapis.com	order.carnaby.sg
44	11

This site contains links to these domains. Also see Links.

Domain
maps.app.goo.gl
instagram.com
atlas.kitchen

Subject Issuer	Validity	Valid
order.carnaby.sg WE1	`2024-12-02` - `2025-03-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-17` - `2025-11-17`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
api.atlas.kitchen WE1	`2024-11-26` - `2025-02-25`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
*.atlas.kitchen WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
storage.googleapis.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://order.carnaby.sg/
Frame ID: 9FD2D4D7A4DBACBDF14E853DD41C527B
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Carnaby by Adam Peney - Modern British classics done right | Order Now for pickup or delivery

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

44
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

7
IPs

2
Countries

3295 kB
Transfer

6871 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://maps.app.goo.gl/jY6iTwtc12u2KK2q8
Title: 60 Robertson Quay #01-01 Singapore 238252

Search URL Search Domain Scan URL

URL: http://instagram.com/carnabysg

Search URL Search Domain Scan URL

URL: https://atlas.kitchen/?utm_source=order.carnaby.sg&utm_medium=referral&utm_campaign=atlas_online&utm_content=guest

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
order.carnaby.sg/ 11 KB
4 KB 1277ms
1224ms Document
text/html 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://order.carnaby.sg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85db54fdda6ce67a12759ff5175e987cdb2218fa2d540fda212178b4815d5004

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 16604
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 8eba6cceaacf408c-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 02 Dec 2024 09:52:36 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT"
vary: Accept-Encoding

GET
H2 200 index-XX9cXdAL.js Show response
order.carnaby.sg/assets/ 4 MB
1005 KB 92ms
90ms Script
application/javascript 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js
Requested by: Host: order.carnaby.sg
URL: https://order.carnaby.sg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c237e9aa7bc0eb158427c5e913caff05cd0dce3b1b3366f58f9f054187afa9d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.carnaby.sg
Referer: https://order.carnaby.sg/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"assets/index-XX9cXdAL.60581ce765.js"
age: 16603
cf-ray: 8eba6cd88fa3408c-SIN
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 09:52:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 style.dLJ3MbgE.css
order.carnaby.sg/assets/ 144 KB
26 KB 77ms
75ms Stylesheet
text/css 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://order.carnaby.sg/assets/style.dLJ3MbgE.css
Requested by: Host: order.carnaby.sg
URL: https://order.carnaby.sg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 643b45e38ffdc2df0f6b60a125b0b742162bae7b540041dd0aee6433cd06e978

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.carnaby.sg
Referer: https://order.carnaby.sg/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"assets/style.dLJ3MbgE.154db6ff10.css"
age: 16603
cf-ray: 8eba6cd88f9e408c-SIN
alt-svc: h3=":443"; ma=86400
date: Mon, 02 Dec 2024 09:52:37 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 856 B
863 B 37ms
21ms Stylesheet
text/css 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bebas+Neue&display=swap

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

ESF /

Resource Hash

3dba4702b7ad3145a583f4103efab89de56a3132b3c823eef119fa61762af98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 09:52:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 09:52:37 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 08:25:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 ihw1ejp.css
use.typekit.net/ 3 KB
959 B 359ms
299ms Stylesheet
text/css 23.45.207.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ihw1ejp.css

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.207.198 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-45-207-198.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d90ca0f88fa48f32efee313be41a41bbf966abc3ec993e33950ee2184143f49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 736
date: Mon, 02 Dec 2024 09:52:37 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 267ms
31ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: order.carnaby.sg
URL: https://order.carnaby.sg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.carnaby.sg
Referer: https://order.carnaby.sg/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8eba6cdc0f619f8f-SIN
access-control-allow-origin: *
date: Mon, 02 Dec 2024 09:52:37 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 rtv8mct.css
use.typekit.net/ 3 KB
967 B 42ms
41ms Stylesheet
text/css 23.45.207.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/rtv8mct.css

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/style.dLJ3MbgE.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.207.198 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-45-207-198.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7a8776bbd36a3c3852d33c31d3ce81a12193ebbb713d23a42ea27b71c397ee4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 744
date: Mon, 02 Dec 2024 09:52:37 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 43ms
8ms Stylesheet
text/css 23.45.207.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=rtv8mct&ht=tk&f=9565.9569.24537.24539&a=714490&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rtv8mct.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.207.198 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-45-207-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "6649f58c-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Mon, 02 Dec 2024 09:52:37 GMT
content-type: text/css
last-modified: Sun, 19 May 2024 12:50:20 GMT
server: nginx

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 4ms
3ms Stylesheet
text/css 23.45.207.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ihw1ejp&ht=tk&f=39504.39505.39508.39509&a=13363195&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ihw1ejp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.207.198 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-45-207-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "6649f58c-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Mon, 02 Dec 2024 09:52:37 GMT
content-type: text/css
last-modified: Sun, 19 May 2024 12:50:20 GMT
server: nginx

OPTIONS
H3 200 graphql
api.atlas.kitchen/v1/diners/ 0
0 300ms
275ms Preflight 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.atlas.kitchen/v1/diners/graphql
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-name,x-client-uuid,x-platform
Access-Control-Request-Method: POST
Origin: https://order.carnaby.sg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Pin-Token, X-Station-ID, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8eba6cdfb9555fdb-SIN
content-length: 0
date: Mon, 02 Dec 2024 09:52:38 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

OPTIONS
H3 200 graphql
api.atlas.kitchen/v1/diners/ 0
0 305ms
281ms Preflight 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.atlas.kitchen/v1/diners/graphql
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-name,x-client-uuid,x-platform
Access-Control-Request-Method: POST
Origin: https://order.carnaby.sg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Pin-Token, X-Station-ID, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8eba6cdfb95c5fdb-SIN
content-length: 0
date: Mon, 02 Dec 2024 09:52:38 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

OPTIONS
H3 200 graphql
api.atlas.kitchen/v1/diners/ 0
0 250ms
226ms Preflight 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.atlas.kitchen/v1/diners/graphql
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-name,x-client-uuid,x-platform
Access-Control-Request-Method: POST
Origin: https://order.carnaby.sg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Pin-Token, X-Station-ID, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8eba6cdfb95a5fdb-SIN
content-length: 0
date: Mon, 02 Dec 2024 09:52:38 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

POST
H2 200 / Show response
o514330.ingest.sentry.io/api/5781202/envelope/ 2 B
300 B 36ms
7ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o514330.ingest.sentry.io/api/5781202/envelope/?sentry_key=3795529bbade4f488abf7f5fb3d6e42d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.74.0

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://order.carnaby.sg/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Mon, 02 Dec 2024 09:52:38 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

POST
H3 200 / Show response
ph.atlas.kitchen/decide/ 562 B
667 B 336ms
314ms XHR
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ph.atlas.kitchen/decide/?v=3&ip=1&_=1733133158075&ver=1.96.1

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9471a3e8cb2168cd6c0d87a709a0e6a26cfea76e7bac0455c42d14a3addefd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://order.carnaby.sg/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:38 GMT
content-type: application/json
vary: Accept-Encoding, Origin
priority: u=1,i
access-control-allow-headers: X-Requested-With,Content-Type
cross-origin-opener-policy: same-origin
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8eba6cde1e475fea-SIN
access-control-allow-origin: https://order.carnaby.sg
server: cloudflare

GET
H2 200 l
use.typekit.net/af/0230dd/00000000000000007735bb33/30/ 26 KB
26 KB 26ms
6ms Font
application/font-woff2 23.45.207.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0230dd/00000000000000007735bb33/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ihw1ejp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.207.198 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-45-207-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e5b627b2aa5520423d9eef65612847ff0316ea78285f6ca54c461cabf4077f91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.carnaby.sg
Referer: https://use.typekit.net/ihw1ejp.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "5bb33ae2a954c4b3b528681f85ecbf7624532fad"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 26356
date: Mon, 02 Dec 2024 09:52:38 GMT
content-type: application/font-woff2
server: nginx

GET
H3 200 JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v14/ 13 KB
14 KB 17ms
7ms Font
font/woff2 172.253.118.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f94.1e100.net

Software

sffe /

Resource Hash

02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.carnaby.sg
Referer: https://fonts.googleapis.com/

Response headers

age: 147639
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 16:51:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 16:51:59 GMT
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13820
x-xss-protection: 0
server: sffe

GET
H2 200 l
use.typekit.net/af/305037/00000000000000007735bb39/30/ 27 KB
27 KB 23ms
4ms Font
application/font-woff2 23.45.207.198
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/305037/00000000000000007735bb39/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ihw1ejp.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.207.198 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-45-207-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 357e9638466a0ed42f1a9d503d72f5d2420aa843ba7e1560851f762e707c9df8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.carnaby.sg
Referer: https://use.typekit.net/ihw1ejp.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "4af6f044e86b0a30d1aa7c5babe16808274dd9a8"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 27780
date: Mon, 02 Dec 2024 09:52:38 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 390 KB
122 KB 40ms
36ms Script
text/javascript 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBLwlkiM75o1XdWC8ZbUrhb5jQiNvSuIT4&libraries=places

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

6ae973a8e209315043eec8b52466dd01eb16bb6349b05dbb9cb7630c1ee2bbcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 9492acdd
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124397
date: Mon, 02 Dec 2024 09:52:38 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 carnaby-logo.png
order.carnaby.sg/assets/images/atlas-core-active-storage/carnaby/ 23 KB
23 KB 95ms
95ms Image
image/webp 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://order.carnaby.sg/assets/images/atlas-core-active-storage/carnaby/carnaby-logo.png
Requested by: Host: order.carnaby.sg
URL: https://order.carnaby.sg/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b32f2b44193d325d9e9898dcc04bc2ae932da338beda6ecf17fa7839669b9229

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=QHZYfg==, md5=DMkltxHvi2GEJmEA9m2PWw==
cf-cache-status: MISS
etag: "0cc925b711ef8b6184266100f66d8f5b"
x-goog-stored-content-encoding: identity
expires: Mon, 02 Dec 2024 10:52:38 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 23231
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:38 GMT
content-type: image/webp
last-modified: Sat, 30 Nov 2024 00:37:02 GMT
vary: Accept-Encoding
priority: u=3,i
x-guploader-uploadid: AFiumC7qN1ggeAFuS_wib1bN5xieL-tvQ8zOEcmTaAyFUuaAifyqr40ShgCsWUNjHucr9GldFvzZMjOcnQ
cache-control: public, max-age=86400
x-goog-storage-class: STANDARD
cf-ray: 8eba6cdf8d5bce0e-SIN
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732927022591782
content-length: 23231
server: cloudflare

GET
H2 200 carnaby-adam-logo.png
storage.googleapis.com/atlas-core-active-storage/carnaby/ 46 KB
46 KB 54ms
39ms Image
image/png 172.253.118.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/atlas-core-active-storage/carnaby/carnaby-adam-logo.png
Requested by: Host: order.carnaby.sg
URL: https://order.carnaby.sg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.118.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f207.1e100.net
Software: UploadServer /
Resource Hash: af2319b2bda8295138a7d28346f15bda01f49e70871fd90305cdbbfae841cd23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=HwTjgQ==, md5=Fbu9WX9nkLBlWGB0M76D3g==
etag: "15bbbd597f6790b06558607433be83de"
x-goog-stored-content-encoding: identity
expires: Mon, 02 Dec 2024 10:52:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 46959
date: Mon, 02 Dec 2024 09:52:38 GMT
last-modified: Sat, 30 Nov 2024 00:37:02 GMT
content-type: image/png
x-guploader-uploadid: AFiumC4znRvT654AkQcpYuqw8AEVSu6_uZ2EGuBOkRDUxeHoSRlBlF2hRPZPTeVp_BuhcSiWJXiSsYTlGQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732927022575628
content-length: 46959
server: UploadServer

GET
H3 200 chunk.FhKJGEEu.js Show response
order.carnaby.sg/chunks/ 6 KB
3 KB 527ms
527ms Script
application/javascript 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://order.carnaby.sg/chunks/chunk.FhKJGEEu.js
Requested by: Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7b76f43bf3a2e6c9a10c2a0da1faeb63fc6c1005152fc01f262e42a29c7045

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://order.carnaby.sg
Referer: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"chunks/chunk.FhKJGEEu.4be1d77cc4.js"
cf-ray: 8eba6cdf8d6bce0e-SIN
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 36 B
1 KB 1484ms
1482ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95f70893c59d9c2f8a91bb9707c27884237cf1b2d5f0b47c5d29ebb118fb4bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: f8c8897e-c935-43e2-8df2-597850c9e0e3
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"95f70893c59d9c2f8a91bb9707c27884"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=gCokskNLEVjYpycpmS.UZfm3sJiYLLTK2dWhC1KUTLE-1733133160-1.0.1.1-NdKJbd.5nObo.w7Ohddi7BOyaCX.q_f0IyfL_mQfisQtA6ST2F0G_eYOQ_K02yD3DURZqxKCl11lYQz7jWLxV1rd6jQ0nrsLm1lurcfhJfQj5vMD2o7jBLbCwsaog6qw4EXPxnEcSgJPBQChLDzCQHGYchciozkW3X4yYIsBQUM"}],"group":"cf-csp-endpoint","max_age":86400}
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:40 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.365558
x-cloud-trace-context: dbd58611355b432cc8f263ad4dd4181f;o=1
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 373
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ce16bb65fdb-SIN
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=gCokskNLEVjYpycpmS.UZfm3sJiYLLTK2dWhC1KUTLE-1733133160-1.0.1.1-NdKJbd.5nObo.w7Ohddi7BOyaCX.q_f0IyfL_mQfisQtA6ST2F0G_eYOQ_K02yD3DURZqxKCl11lYQz7jWLxV1rd6jQ0nrsLm1lurcfhJfQj5vMD2o7jBLbCwsaog6qw4EXPxnEcSgJPBQChLDzCQHGYchciozkW3X4yYIsBQUM; report-to cf-csp-endpoint
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 1 KB
1 KB 1466ms
1464ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d12e2a8052f16ff13ae947aa1c85673c4b16864368b66b1ead1f6e31c170dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: b6504618-48e1-4f26-9911-21050f91c18d
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"4d12e2a8052f16ff13ae947aa1c85673"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:40 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.478100
x-cloud-trace-context: 5e5d5d30f512454ac87e7a5a8f712cf5;o=1
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 484
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ce17bc65fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 3 KB
2 KB 1502ms
1501ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268ba8a3e1ea913b70d3c39decb069eb73d1212ff738f761f5f2a1fdd66d62f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: b3d24db5-321f-435b-9698-376e68174f44
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"268ba8a3e1ea913b70d3c39decb069eb"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:40 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.462160
x-cloud-trace-context: 2570b2aeb337423682501357d2b21a52;o=1
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 467
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ce11b485fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 29 B
760 B 1226ms
1225ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ecbd48b383754bb670dc169a5512291038faaf7f98238a9c93c0b35921ddf43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: afd5d044-276a-473e-aca8-0576369086a3
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"6ecbd48b383754bb670dc169a5512291"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:39 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.110260
x-cloud-trace-context: bb4e9a265d8d4fbec10d98a940a1d02d;o=1
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 114
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ce16bbe5fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

OPTIONS
H3 200 graphql
api.atlas.kitchen/v1/diners/ 0
0 301ms
278ms Preflight 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.atlas.kitchen/v1/diners/graphql
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-name,x-client-uuid,x-platform
Access-Control-Request-Method: POST
Origin: https://order.carnaby.sg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Pin-Token, X-Station-ID, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8eba6cdfb9585fdb-SIN
content-length: 0
date: Mon, 02 Dec 2024 09:52:38 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 32ms
6ms XHR
application/json 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://order.carnaby.sg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Mon, 02 Dec 2024 09:52:38 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

POST
H3 204 rum Show response
order.carnaby.sg/cdn-cgi/ 0
142 B 13ms
9ms XHR
text/plain 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://order.carnaby.sg/cdn-cgi/rum?

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://order.carnaby.sg/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8eba6ce09982ce0e-SIN
access-control-allow-origin: https://order.carnaby.sg
date: Mon, 02 Dec 2024 09:52:38 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 favicon.ico
order.carnaby.sg/assets/ 789 KB
751 KB 536ms
534ms Other
image/vnd.microsoft.icon 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://order.carnaby.sg/assets/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c8d4a62bdf3070091d42d1dc707f9a52759b8741a562fa93e20afc9a3b361ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=y7sxf7oBCWK8MGs_xi6YRcpMzPew.HjJjUWv9_FJvso-1733133159-1.0.1.1-zTqnOtfnz7myxjPliZDksRJFqxptnw1ND0SIgkRClORD7xjsLAfk4qmugGFDPWmEa2yU46wz73QswaqBsaTo94xr0hQMYUjUzc5swDhxNOdS1MBC2kJZnjPXJxgnGe2h9g0rWXdULVwP8TIIywPQF4AskAVxMQpZvcWxsuw6oQM"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=y7sxf7oBCWK8MGs_xi6YRcpMzPew.HjJjUWv9_FJvso-1733133159-1.0.1.1-zTqnOtfnz7myxjPliZDksRJFqxptnw1ND0SIgkRClORD7xjsLAfk4qmugGFDPWmEa2yU46wz73QswaqBsaTo94xr0hQMYUjUzc5swDhxNOdS1MBC2kJZnjPXJxgnGe2h9g0rWXdULVwP8TIIywPQF4AskAVxMQpZvcWxsuw6oQM; report-to cf-csp-endpoint
cf-ray: 8eba6ce09988ce0e-SIN
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:39 GMT
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 1 KB
1 KB 547ms
546ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d530c1fdaf5efc4e2a82ef4e1328e068d530d909b9c36585246edc03328d376d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: 9ace8f33-7c48-45fe-a08d-c703ee463cf6
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"d530c1fdaf5efc4e2a82ef4e1328e068"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:40 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.472881
x-cloud-trace-context: a648be9041c14ece8e22243fd1ba553f;o=0
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 476
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ceb0a6e5fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 174 B
876 B 358ms
357ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b963cb58fc20cdaa83714024f62c431d74a2b26322f9c39fe88969c2a3b08c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: 4224a17d-009a-4b77-82fe-93ad7de97b8c
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"b963cb58fc20cdaa83714024f62c431d"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:40 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.269408
x-cloud-trace-context: e3f139d94c8a4651ca527c86012f3d03;o=0
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 276
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ceb0a735fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

GET
H2 200 52ax82gk8bmdnlk9e582dwp4t4up
storage.googleapis.com/atlas-core-active-storage/ 46 KB
46 KB 42ms
40ms Image
image/png 172.253.118.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/atlas-core-active-storage/52ax82gk8bmdnlk9e582dwp4t4up
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.118.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f207.1e100.net
Software: UploadServer /
Resource Hash: af2319b2bda8295138a7d28346f15bda01f49e70871fd90305cdbbfae841cd23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=HwTjgQ==, md5=Fbu9WX9nkLBlWGB0M76D3g==
etag: "15bbbd597f6790b06558607433be83de"
x-goog-stored-content-encoding: identity
expires: Mon, 02 Dec 2024 10:52:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 46959
date: Mon, 02 Dec 2024 09:52:40 GMT
last-modified: Sat, 30 Nov 2024 01:17:25 GMT
content-type: image/png
x-guploader-uploadid: AFiumC7g1svKMo5wJQM33ea8rP31CGEJeWAA7TNM15GBk8KtoJDvNZFnSyhqNjZdhZAVFVAQWr58PqT99g
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732929445084551
content-length: 46959
server: UploadServer

GET
H3 200 n3me7raufccd7bt1qq3agv9kkr6v
storage.googleapis.com/atlas-core-active-storage/ 664 KB
664 KB 121ms
120ms Image
image/jpeg 172.253.118.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/atlas-core-active-storage/n3me7raufccd7bt1qq3agv9kkr6v
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.118.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f207.1e100.net
Software: UploadServer /
Resource Hash: ba0249d9837cd7b358e57620289f7841ffd9d2491f198564577f695d56fdf99e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=KTtWWw==, md5=S71q5Y8wMhwri1B/2BKS2Q==
etag: "4bbd6ae58f30321c2b8b507fd81292d9"
x-goog-stored-content-encoding: identity
expires: Mon, 02 Dec 2024 10:52:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 680110
date: Mon, 02 Dec 2024 09:52:40 GMT
last-modified: Sat, 30 Nov 2024 01:17:24 GMT
content-type: image/jpeg
x-guploader-uploadid: AFiumC5u2LDXtbQN0f_7_bWaKT4GniyZ8-3ol-w9ccflguOoFJ5s7OduYYVNhAUwf0bwZ12Udg8kMdDbxA
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732929444959400
content-length: 680110
server: UploadServer

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 36 B
766 B 323ms
317ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95f70893c59d9c2f8a91bb9707c27884237cf1b2d5f0b47c5d29ebb118fb4bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: 119a1ed0-450e-41d2-b3de-f2941aecff81
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"95f70893c59d9c2f8a91bb9707c27884"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:41 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.242078
x-cloud-trace-context: 5f04b4aae77040008092ca9f256bca11;o=0
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 245
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6cee98085fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 1 KB
1 KB 101ms
98ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d12e2a8052f16ff13ae947aa1c85673c4b16864368b66b1ead1f6e31c170dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: f7753e4f-86cc-4583-95fb-9ac1d6930d76
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"4d12e2a8052f16ff13ae947aa1c85673"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:40 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.034447
x-cloud-trace-context: 232eac9ba02144c0c3c58ec00cd38a25;o=0
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 37
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6cee980b5fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 2 KB
1 KB 245ms
244ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77854ce008c20e15c3f9c74218639a24104406d153bebd2d67ace8d511b2203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: 725af3f9-a030-43a7-b93c-f1f0e22e288b
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"f77854ce008c20e15c3f9c74218639a2"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:41 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.174078
x-cloud-trace-context: d804c0d8e2c8478585f660bf325bac30;o=1
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 183
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ceeb82d5fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 25 KB
3 KB 349ms
347ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0764b1c3ebac71484136f3270fa4898a7564e5d8a7012af8fa2a3fcbd519038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: b35ab4e4-1b4e-4270-937e-4e60f65ad157
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"f0764b1c3ebac71484136f3270fa4898"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:41 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 0.268227
x-cloud-trace-context: 2fe794439dca477fceae8034774daeeb;o=0
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 273
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ceec8335fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
api.atlas.kitchen/v1/diners/ 209 B
861 B 2115ms
2113ms Fetch
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.atlas.kitchen/v1/diners/graphql

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9968ba1dcdbe2558ad0bd2261fb257673811bf51a0359e93f0f47725a3d1f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-platform: web
Referer: https://order.carnaby.sg/
x-client-uuid: ff5a4b7b-0846-4ca4-b6ce-3ca701466196
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: */*
x-client-name: diner-web
content-type: application/json

Response headers

access-control-max-age: 1728000
x-request-id: 9bd06e0e-3183-4a46-9281-142788ffd979
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"f9968ba1dcdbe2558ad0bd2261fb2576"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:42 GMT
content-type: application/json; charset=utf-8
vary: Accept, Accept-Encoding, Origin
x-runtime: 2.047094
x-cloud-trace-context: 09759cdb6c7746a5823938c65292598e;o=0
access-control-allow-headers: Content-Type, Authorization, X-Client-UUID, X-Client-Name, X-Merchant-ID, X-Brand-ID, X-Platform, X-Outlet-ID, X-Outlet-QR-Hash, X-Cart-QR-Hash, X-Table-QR-Hash, X-Channel-ID, X-Channel-Link-ID, X-CSRF-Token, X-Point-Program-Hash
x-frame-options: SAMEORIGIN
priority: u=1,i
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2052
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8eba6ceec8365fdb-SIN
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

GET
H3 200 e4n822w6qmk19afqf0b2lvkn0zme
order.carnaby.sg/assets/images/atlas-core-active-storage/ 124 KB
124 KB 85ms
84ms Image
image/webp 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://order.carnaby.sg/assets/images/atlas-core-active-storage/e4n822w6qmk19afqf0b2lvkn0zme
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686c7824bec481ea59946293075cad1a1d9f818975396c2b6949c6d2f8f107ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=NHH7YA==, md5=L2pEuw8gwx+spUV5DmNj/w==
cf-cache-status: MISS
etag: "2f6a44bb0f20c31faca545790e6363ff"
x-goog-stored-content-encoding: identity
expires: Mon, 02 Dec 2024 10:52:41 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 126809
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:41 GMT
content-type: image/webp
last-modified: Mon, 02 Dec 2024 04:27:25 GMT
vary: Accept-Encoding
priority: u=3,i
x-guploader-uploadid: AFiumC4mnRI0-jwN38d6ODyYnoHhLi4MlaiCZkH0N2fMW4CyBq1pu19Esz-2uTmJbAO3Kj11reDAlP-RNA
cache-control: public, max-age=86400
x-goog-storage-class: STANDARD
cf-ray: 8eba6cf1acfdce0e-SIN
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1733113645434931
content-length: 126809
server: cloudflare

GET
H3 200 carnaby-placeholder.jpg
order.carnaby.sg/assets/images/atlas-core-active-storage/carnaby/ 130 KB
131 KB 92ms
91ms Image
image/webp 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://order.carnaby.sg/assets/images/atlas-core-active-storage/carnaby/carnaby-placeholder.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457370bfc42ab709d036db4620f6e3e847836e1276488b84405f044285c58bbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=VvTV7A==, md5=qWp+YoPHwXXdoqTjKleV1A==
cf-cache-status: MISS
etag: "a96a7e6283c7c175dda2a4e32a5795d4"
x-goog-stored-content-encoding: identity
expires: Mon, 02 Dec 2024 10:52:41 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 133089
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:41 GMT
content-type: image/webp
last-modified: Sat, 30 Nov 2024 00:37:02 GMT
vary: Accept-Encoding
priority: u=3,i
x-guploader-uploadid: AFiumC5goOsTvtj0B0zOEfR3HmH24pUvkgq6gZzQL0Wu1MmWsgCm-bCtYWj31WBTtNnPE0uue7QrWoqo7A
cache-control: public, max-age=86400
x-goog-storage-class: STANDARD
cf-ray: 8eba6cf1ad09ce0e-SIN
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1732927022588012
content-length: 133089
server: cloudflare

GET
H3 200 esn4hu9ixz8e5ylydmt25exrcnrk
order.carnaby.sg/assets/images/atlas-core-active-storage/ 142 KB
142 KB 125ms
124ms Image
image/webp 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://order.carnaby.sg/assets/images/atlas-core-active-storage/esn4hu9ixz8e5ylydmt25exrcnrk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01fded8f730ce9ceffb1d5e732d9e6f31927c742d6b9da2107becb4b12bade3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=oUD6uw==, md5=IiWOId8LYzlFUZYiRwLbZw==
cf-cache-status: MISS
etag: "22258e21df0b6339455196224702db67"
x-goog-stored-content-encoding: identity
expires: Mon, 02 Dec 2024 10:52:41 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 144970
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:41 GMT
content-type: image/webp
last-modified: Mon, 02 Dec 2024 04:28:02 GMT
vary: Accept-Encoding
priority: u=3,i
x-guploader-uploadid: AFiumC604V8RIAsS6f9x33_7Pk6uQa_IGcIjjaRPy9oqcgknzfPzHGaHCUDMN1eT2Ew68wiTsuP4M0ZCwA
cache-control: public, max-age=86400
x-goog-storage-class: STANDARD
cf-ray: 8eba6cf1ad0ece0e-SIN
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1733113682282169
content-length: 144970
server: cloudflare

POST
H3 200 / Show response
ph.atlas.kitchen/e/ 13 B
344 B 289ms
288ms XHR
application/json 172.66.40.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ph.atlas.kitchen/e/?compression=gzip-js&ip=1&_=1733133161446&ver=1.96.1

Requested by

Host: order.carnaby.sg
URL: https://order.carnaby.sg/assets/index-XX9cXdAL.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://order.carnaby.sg/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 02 Dec 2024 09:52:41 GMT
content-type: application/json
vary: Accept-Encoding, Origin
priority: u=1,i
access-control-allow-headers: X-Requested-With,Content-Type
cross-origin-opener-policy: same-origin
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
referrer-policy: same-origin
cf-ray: 8eba6cf318985fea-SIN
access-control-allow-origin: https://order.carnaby.sg
server: cloudflare

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/1/intl/en_gb/ 268 KB
55 KB 10ms
9ms Script
text/javascript 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/1/intl/en_gb/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBLwlkiM75o1XdWC8ZbUrhb5jQiNvSuIT4&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

sffe /

Resource Hash

e2793c1057ae25d753d69963c05bc1ae44e1f5c998b65ef313800b7563bdba18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

content-encoding: br
age: 183059
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 07:01:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 07:01:44 GMT
last-modified: Tue, 19 Nov 2024 01:42:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56762
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/59/1/intl/en_gb/ 191 KB
58 KB 10ms
9ms Script
text/javascript 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/59/1/intl/en_gb/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBLwlkiM75o1XdWC8ZbUrhb5jQiNvSuIT4&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

sffe /

Resource Hash

dc07fd6c7ddf090466c0ea9c9a192d89991a8e8d12b7491f91cd42e1391283e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://order.carnaby.sg/

Response headers

content-encoding: br
age: 146328
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 17:13:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 17:13:55 GMT
last-modified: Tue, 19 Nov 2024 01:42:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 59389
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.order.carnaby.sg/	1970-01-21 01:26:59	Name: x_csrf_token Value: a62206ab60654bff5013cfca57d2c857
			.carnaby.sg/	1970-01-21 10:11:09	Name: ph_phc_Pr97MIckq8R83vgcupQh8uqiW7XUaY6kkXnz9xiUUH1_posthog Value: %7B%22distinct_id%22%3A%22019386c9-46ba-71f4-b8dd-faf6df525e55%22%2C%22%24sesid%22%3A%5B1733133158300%2C%22019386c9-479c-7568-b8fa-204fba04d259%22%2C1733133158300%5D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.atlas.kitchen
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
o514330.ingest.sentry.io
order.carnaby.sg
p.typekit.net
ph.atlas.kitchen
static.cloudflareinsights.com
storage.googleapis.com
use.typekit.net
104.16.79.73
172.253.118.207
172.253.118.94
172.253.118.95
172.66.40.122
23.45.207.198
34.120.195.249
01fded8f730ce9ceffb1d5e732d9e6f31927c742d6b9da2107becb4b12bade3e
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
268ba8a3e1ea913b70d3c39decb069eb73d1212ff738f761f5f2a1fdd66d62f8
2c8d4a62bdf3070091d42d1dc707f9a52759b8741a562fa93e20afc9a3b361ba
357e9638466a0ed42f1a9d503d72f5d2420aa843ba7e1560851f762e707c9df8
3dba4702b7ad3145a583f4103efab89de56a3132b3c823eef119fa61762af98b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457370bfc42ab709d036db4620f6e3e847836e1276488b84405f044285c58bbc
4d12e2a8052f16ff13ae947aa1c85673c4b16864368b66b1ead1f6e31c170dcf
643b45e38ffdc2df0f6b60a125b0b742162bae7b540041dd0aee6433cd06e978
686c7824bec481ea59946293075cad1a1d9f818975396c2b6949c6d2f8f107ba
6a7b76f43bf3a2e6c9a10c2a0da1faeb63fc6c1005152fc01f262e42a29c7045
6ae973a8e209315043eec8b52466dd01eb16bb6349b05dbb9cb7630c1ee2bbcc
6ecbd48b383754bb670dc169a5512291038faaf7f98238a9c93c0b35921ddf43
7a8776bbd36a3c3852d33c31d3ce81a12193ebbb713d23a42ea27b71c397ee4e
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
85db54fdda6ce67a12759ff5175e987cdb2218fa2d540fda212178b4815d5004
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9471a3e8cb2168cd6c0d87a709a0e6a26cfea76e7bac0455c42d14a3addefd1b
95f70893c59d9c2f8a91bb9707c27884237cf1b2d5f0b47c5d29ebb118fb4bc1
af2319b2bda8295138a7d28346f15bda01f49e70871fd90305cdbbfae841cd23
b32f2b44193d325d9e9898dcc04bc2ae932da338beda6ecf17fa7839669b9229
b963cb58fc20cdaa83714024f62c431d74a2b26322f9c39fe88969c2a3b08c48
ba0249d9837cd7b358e57620289f7841ffd9d2491f198564577f695d56fdf99e
c237e9aa7bc0eb158427c5e913caff05cd0dce3b1b3366f58f9f054187afa9d4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d530c1fdaf5efc4e2a82ef4e1328e068d530d909b9c36585246edc03328d376d
d90ca0f88fa48f32efee313be41a41bbf966abc3ec993e33950ee2184143f49b
dc07fd6c7ddf090466c0ea9c9a192d89991a8e8d12b7491f91cd42e1391283e2
e2793c1057ae25d753d69963c05bc1ae44e1f5c998b65ef313800b7563bdba18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b627b2aa5520423d9eef65612847ff0316ea78285f6ca54c461cabf4077f91
f0764b1c3ebac71484136f3270fa4898a7564e5d8a7012af8fa2a3fcbd519038
f77854ce008c20e15c3f9c74218639a24104406d153bebd2d67ace8d511b2203
f9968ba1dcdbe2558ad0bd2261fb257673811bf51a0359e93f0f47725a3d1f00

order.carnaby.sg Open in urlscan Pro 172.66.40.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

0 %IPv6

7 Domains

11 Subdomains

7 IPs

2 Countries

3295 kBTransfer

6871 kBSize

2 Cookies

3 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

order.carnaby.sg Open in urlscan Pro
172.66.40.122 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

7
IPs

2
Countries

3295 kB
Transfer

6871 kB
Size

2
Cookies

44 HTTP transactions
0 data transactions