app.fooda.com Open in urlscan Pro
2606:4700:3108::ac42:2864  Public Scan

25 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request select Show response app.fooda.com/accounts/923/	11 KB 5 KB	235ms 180ms	Document text/html	2606:4700:3108::ac42:2864 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2864 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a862f67e82a8722a555993ee4c22c8b63e5f12caa5013d47b7d86b6377341969 Security Headers Name Value Content-Security-Policy default-src https: 'self'; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self' *.cloudinary.com *.bing.com *.braintree-api.com *.braintreegateway.com *.s3.amazonaws.com; font-src 'self' *.gstatic.com *.bootstrapcdn.com *.typekit.com *.fooda.com data:; form-action 'self' github.com; frame-ancestors 'self'; frame-src 'self' *.recaptcha.net *.twimg.com itunes.apple.com *.cloudinary.com *.bing.com *.braintreegateway.com; img-src 'self' *.s3.amazonaws.com s3.amazonaws.com *.facebook.com *.gstatic.com *.google-analytics.com *.typekit.net *.cloudinary.com *.fooda.com *.braintreegateway.com *.doubleclick.net data: about:; media-src 'self'; object-src 'self'; plugin-types application/x-shockwave-flash; script-src 'self' 'unsafe-eval' *.surveymonkey.com *.recaptcha.net maps.google.com *.googleapis.com *.google-analytics.com *.facebook.net *.cloudinary.com *.bing.com *.bootstrapcdn.com *.typekit.com *.googletagmanager.com *.fooda.com *.jquery.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.bootstrapcdn.com *.fooda.com Strict-Transport-Security max-age=631139040; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 7725b2f51c389060-FRA content-encoding gzip content-security-policy default-src https: 'self'; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self' *.cloudinary.com *.bing.com *.braintree-api.com *.braintreegateway.com *.s3.amazonaws.com; font-src 'self' *.gstatic.com *.bootstrapcdn.com *.typekit.com *.fooda.com data:; form-action 'self' github.com; frame-ancestors 'self'; frame-src 'self' *.recaptcha.net *.twimg.com itunes.apple.com *.cloudinary.com *.bing.com *.braintreegateway.com; img-src 'self' *.s3.amazonaws.com s3.amazonaws.com *.facebook.com *.gstatic.com *.google-analytics.com *.typekit.net *.cloudinary.com *.fooda.com *.braintreegateway.com *.doubleclick.net data: about:; media-src 'self'; object-src 'self'; plugin-types application/x-shockwave-flash; script-src 'self' 'unsafe-eval' *.surveymonkey.com *.recaptcha.net maps.google.com *.googleapis.com *.google-analytics.com *.facebook.net *.cloudinary.com *.bing.com *.bootstrapcdn.com *.typekit.com *.googletagmanager.com *.fooda.com *.jquery.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.bootstrapcdn.com *.fooda.com content-type text/html; charset=utf-8 date Wed, 30 Nov 2022 18:38:16 GMT referrer-policy origin-when-cross-origin server cloudflare strict-transport-security max-age=631139040; includeSubdomains; preload vary Origin x-content-type-options nosniff x-download-options noopen x-frame-options sameorigin x-permitted-cross-domain-policies none x-request-id fe6f9746-f406-4fe8-9e6c-c7a0fe0058d0 x-runtime 0.030830 x-xss-protection 1; mode=block
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	57ms 38ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app.fooda.com/ Origin https://app.fooda.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:38:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br cdn-edgestorageid 863 cdn-cachedat 11/18/2022 06:18:41 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:59 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"ec3bb52a00e176a7181d454dffaea219" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 894df613aff3da41b82218754a5a13af timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 7725b2f66951bb85-FRA cdn-requestpullsuccess True
GET H2	200	uniform-nav-footer.css assets-1.fooda.com/collection/	198 KB 198 KB	249ms 47ms	Stylesheet text/css	2600:9000:2127:7800:15:5ed1:4d80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-1.fooda.com/collection/uniform-nav-footer.css Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:7800:15:5ed1:4d80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5f9a64babec645a47458c2e325460a5d3848f7a5027eadc68eaded28f024582a Request headers accept-language de-DE,de;q=0.9 Referer https://app.fooda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 15:49:57 GMT via 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront) last-modified Wed, 31 May 2017 15:13:55 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 10100 etag "e69c7973fd167b72de9bb98306514db8" x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 202512 x-amz-cf-id MYCKpzEsfTQN513XePdLrFmOLtNzshaOJi3JcZcvKTAtkdZF2CiO6A==
GET H2	200	jquery-1.12.4.min.js Show response code.jquery.com/	95 KB 33 KB	1444ms 1378ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.12.4.min.js Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Request headers Referer https://app.fooda.com/ Origin https://app.fooda.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:38:16 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-17b8b" vary Accept-Encoding x-hw 1669833496.dop051.fr8.t,1669833496.cds052.fr8.hn,1669833496.cds167.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33738
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/	36 KB 10 KB	84ms 66ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app.fooda.com/ Origin https://app.fooda.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:38:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br cdn-edgestorageid 1053 cdn-cachedat 11/15/2022 10:30:01 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:00 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"5869c96cc8f19086aee625d670d741f9" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid fb9786f87543b8ebbbcb43db5e2dee33 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 7725b2f66953bb85-FRA cdn-requestpullsuccess True
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/	23 KB 6 KB	35ms 17ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://app.fooda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:38:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 617, 617 age 26736193 cdn-cachedat 2021-04-13 02:55:53 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:54 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid a4c754a17577d74a872d3c9c794d1a4f timing-allow-origin * cdn-requestcountrycode US cf-ray 7725b2f66c1e903c-FRA cdn-requestpullsuccess True
GET H2	200	ozn4gku.js Show response use.typekit.com/	21 KB 7 KB	196ms 124ms	Script text/javascript	2a02:26f0:480:f::213:7ec6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.com/ozn4gku.js Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 3506cb2d38abced2c935d375b3352aa143116fe96722c3596e4659794a865c5a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://app.fooda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Wed, 30 Nov 2022 18:38:16 GMT server nginx vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 7021
GET H/1.1	200 OK	logo.png www.fooda.com/sites/all/themes/fooda_apr2015/	7 KB 7 KB	417ms 108ms	Image image/png	3.231.118.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.fooda.com/sites/all/themes/fooda_apr2015/logo.png Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.231.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-118-98.compute-1.amazonaws.com Software Apache/2.4.54 (Debian) / Resource Hash e2c43c454d9fc09d351f1c23cd0b39370a72d4ea9898d199082a878eaf8fdb39 Request headers accept-language de-DE,de;q=0.9 Referer https://app.fooda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Wed, 30 Nov 2022 18:38:16 GMT Last-Modified Thu, 10 Nov 2022 08:23:46 GMT Server Apache/2.4.54 (Debian) ETag "1a63-5ed197de9e880" Content-Type image/png Cache-Control max-age=1209600 Connection keep-alive Accept-Ranges bytes Content-Length 6755 Expires Wed, 14 Dec 2022 18:38:16 GMT
GET H/1.1	200 OK	Download_on_the_App_Store_Badge.svg.png www.fooda.com/sites/all/themes/fooda_apr2015/images/	36 KB 37 KB	96ms 95ms	Image image/png	3.231.118.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.fooda.com/sites/all/themes/fooda_apr2015/images/Download_on_the_App_Store_Badge.svg.png Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.231.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-118-98.compute-1.amazonaws.com Software Apache/2.4.54 (Debian) / Resource Hash 8158d06e33d189e3383a103622f820cbfe806989ad56f5b646f2b1305764bbeb Request headers accept-language de-DE,de;q=0.9 Referer https://app.fooda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Wed, 30 Nov 2022 18:38:16 GMT Last-Modified Thu, 10 Nov 2022 08:23:46 GMT Server Apache/2.4.54 (Debian) ETag "91cb-5ed197de9e880" Content-Type image/png Cache-Control max-age=1209600 Connection keep-alive Accept-Ranges bytes Content-Length 37323 Expires Wed, 14 Dec 2022 18:38:16 GMT
GET H/1.1	200 OK	en_badge_web_generic.png www.fooda.com/sites/all/themes/fooda_apr2015/images/	14 KB 14 KB	96ms 96ms	Image image/png	3.231.118.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.fooda.com/sites/all/themes/fooda_apr2015/images/en_badge_web_generic.png Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.231.118.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-231-118-98.compute-1.amazonaws.com Software Apache/2.4.54 (Debian) / Resource Hash 215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2 Request headers accept-language de-DE,de;q=0.9 Referer https://app.fooda.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Wed, 30 Nov 2022 18:38:17 GMT Last-Modified Thu, 10 Nov 2022 08:23:46 GMT Server Apache/2.4.54 (Debian) ETag "3685-5ed197de9e880" Content-Type image/png Cache-Control max-age=1209600 Connection keep-alive Accept-Ranges bytes Content-Length 13957 Expires Wed, 14 Dec 2022 18:38:17 GMT
GET H2	200	email-decode.min.js Show response app.fooda.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 825 B	9ms 9ms	Script application/javascript	2606:4700:3108::ac42:2864 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.fooda.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2864 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://app.fooda.com/accounts/923/select User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:38:16 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 28 Nov 2022 15:39:19 GMT server cloudflare etag W/"6384d627-4d7" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 7725b2f839ed9060-FRA expires Fri, 02 Dec 2022 18:38:16 GMT
GET		vaafb692b2aea4879b33c060e79fe94621666317369993 static.cloudflareinsights.com/beacon.min.js/	0 0
GET H2	200	fooda-404-ffb2514e2f2716e47bc20bf7914aaccca7ac2ab1616b02d880bbd4f8d4a1c2af.jpg app.fooda.com/assets/	548 KB 549 KB	150ms 149ms	Image image/jpeg	2606:4700:3108::ac42:2864 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.fooda.com/assets/fooda-404-ffb2514e2f2716e47bc20bf7914aaccca7ac2ab1616b02d880bbd4f8d4a1c2af.jpg Requested by Host: app.fooda.com URL: https://app.fooda.com/accounts/923/select Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:2864 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb2514e2f2716e47bc20bf7914aaccca7ac2ab1616b02d880bbd4f8d4a1c2af Request headers accept-language de-DE,de;q=0.9 Referer https://app.fooda.com/accounts/923/select User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:38:17 GMT cf-cache-status MISS last-modified Wed, 30 Nov 2022 18:38:17 GMT server cloudflare vary Accept-Encoding content-type image/jpeg cache-control public, max-age=315360000 accept-ranges bytes cf-ray 7725b2ff9f399060-FRA content-length 561493 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/	55 KB 56 KB	37ms 36ms	Font font/woff2	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css Origin https://app.fooda.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 18:38:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 722 cdn-cachedat 08/18/2022 19:50:49 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 56780 last-modified Mon, 25 Jan 2021 22:04:54 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 server cloudflare etag "97493d3f11c0a3bd5cbd959f5d19b699" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 14459c50c3a30cba193c6cf8041cfe05 accept-ranges bytes timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 7725b2ffa8b8bb85-FRA cdn-requestpullsuccess True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

static.cloudflareinsights.com

URL

https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery1124037968087034744435 object| Typekit

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.fooda.com/accounts/923/select Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://app.fooda.com/accounts/923/select Message: The Content-Security-Policy directive 'plugin-types' has been removed from the specification. If you want to block plugins, consider specifying "object-src 'none'" instead.
security	error	URL: https://app.fooda.com/accounts/923/select(Line 21) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' *.surveymonkey.com *.recaptcha.net maps.google.com *.googleapis.com *.google-analytics.com *.facebook.net *.cloudinary.com *.bing.com *.bootstrapcdn.com *.typekit.com *.googletagmanager.com *.fooda.com *.jquery.com". Either the 'unsafe-inline' keyword, a hash ('sha256-YjYZ9ptAr+HsO0eNLcrEJDhaLaFZST3PO0kpmHCPL7w='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://app.fooda.com/accounts/923/select(Line 355) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' *.surveymonkey.com *.recaptcha.net maps.google.com *.googleapis.com *.google-analytics.com *.facebook.net *.cloudinary.com *.bing.com *.bootstrapcdn.com *.typekit.com *.googletagmanager.com *.fooda.com *.jquery.com". Either the 'unsafe-inline' keyword, a hash ('sha256-R19gQlDWAi1BcqndHMb0IWshL7/DbG9y0FtwNDcSZhY='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://app.fooda.com/accounts/923/select Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' *.surveymonkey.com *.recaptcha.net maps.google.com *.googleapis.com *.google-analytics.com *.facebook.net *.cloudinary.com *.bing.com *.bootstrapcdn.com *.typekit.com *.googletagmanager.com *.fooda.com *.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'self'; base-uri 'self'; block-all-mixed-content; child-src 'self'; connect-src 'self' *.cloudinary.com *.bing.com *.braintree-api.com *.braintreegateway.com *.s3.amazonaws.com; font-src 'self' *.gstatic.com *.bootstrapcdn.com *.typekit.com *.fooda.com data:; form-action 'self' github.com; frame-ancestors 'self'; frame-src 'self' *.recaptcha.net *.twimg.com itunes.apple.com *.cloudinary.com *.bing.com *.braintreegateway.com; img-src 'self' *.s3.amazonaws.com s3.amazonaws.com *.facebook.com *.gstatic.com *.google-analytics.com *.typekit.net *.cloudinary.com *.fooda.com *.braintreegateway.com *.doubleclick.net data: about:; media-src 'self'; object-src 'self'; plugin-types application/x-shockwave-flash; script-src 'self' 'unsafe-eval' *.surveymonkey.com *.recaptcha.net maps.google.com *.googleapis.com *.google-analytics.com *.facebook.net *.cloudinary.com *.bing.com *.bootstrapcdn.com *.typekit.com *.googletagmanager.com *.fooda.com *.jquery.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.bootstrapcdn.com *.fooda.com
Strict-Transport-Security	max-age=631139040; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.fooda.com
assets-1.fooda.com
code.jquery.com
maxcdn.bootstrapcdn.com
static.cloudflareinsights.com
use.typekit.com
www.fooda.com
static.cloudflareinsights.com
2001:4de0:ac18::1:a:3a
2600:9000:2127:7800:15:5ed1:4d80:93a1
2606:4700:3108::ac42:2864
2606:4700::6812:bcf
2a02:26f0:480:f::213:7ec6
3.231.118.98
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3506cb2d38abced2c935d375b3352aa143116fe96722c3596e4659794a865c5a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5f9a64babec645a47458c2e325460a5d3848f7a5027eadc68eaded28f024582a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
8158d06e33d189e3383a103622f820cbfe806989ad56f5b646f2b1305764bbeb
a862f67e82a8722a555993ee4c22c8b63e5f12caa5013d47b7d86b6377341969
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
e2c43c454d9fc09d351f1c23cd0b39370a72d4ea9898d199082a878eaf8fdb39
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ffb2514e2f2716e47bc20bf7914aaccca7ac2ab1616b02d880bbd4f8d4a1c2af