indexo.dev

myfitnesspal.com

.com toplist crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 7854 ms crawled 2026-05-19

US · 104.18.34.245 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Calorie Tracker & BMR Calculator to Reach Your Goals | MyFitnessPal
Description
Reach your health, fitness & weight goals with MyFitnessPal, the #1 nutrition tracking app. Macro & calorie calculator, food tracker, and fasting app in one. Download today!
Language
en
Canonical
https://www.myfitnesspal.com
Translations
  • da
  • de
  • en
  • es
  • fr
  • id
  • it
  • ja
  • ko
  • ms
  • nb
  • nl
  • pl
  • pt
  • ru
  • sv
  • tl
  • tr
  • zh-cn
  • zh-tw

Open Graph

title
MyFitnessPal
description
Reach your health, fitness & weight goals with MyFitnessPal, the #1 nutrition tracking app. Macro & calorie calculator, food tracker, and fasting app in one. Download today!

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Cloudflare Insights
  • Google Analytics
  • Google Tag Manager
Ads
  • Meta Pixel
Cookie consent
  • TrustArc
Third-party hosts loaded (9)
  • cdn.privacy-mgmt.com×1
  • connect.facebook.net×1
  • consent.trustarc.com×1
  • consent.truste.com×1
  • static.cloudflareinsights.com×1
  • www.google-analytics.com×1
  • www.google.com×1
  • www.googletagmanager.com×1
  • www.gstatic.com×1

Social

Contact

Email

Registration

Registrar
MarkMonitor Inc.
Created
2004-11-16
Expires
2028-11-16 911 days left
Updated
2025-05-14
Name servers
  • elisa.ns.cloudflare.com
  • gannon.ns.cloudflare.com

DNS records live

NS
  • elisa.ns.cloudflare.com
  • gannon.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 25 TXT records
  • facebook-domain-verification=ckr53ulsmy1vs2dwppppt6xwhtc5fk
  • asn-verification=113e130f52ef13092231213dbadd8d30f0143c37b2c2744d24b16bfbc770372a
  • have-i-been-pwned-verification=37c31c95ebc27a82104fd378e23c6f3e
  • apple-domain-verification=WCdjJmlbmQSDdvD3
  • GUID=9928b8b1-f83f-4518-bf35-ac7504f9b417
  • segment-site-verification=xopGmJnxbn2rPzZXsS2fMLslPYUndBeJ
  • google-site-verification=kHACMEqbYV5qgu3tprf-GnXzWeHvWVHgVncFCiQKlb4
  • atlassian-domain-verification=vRVlNNYB4Ta6QoLCQtsmdBc6emoab1Jsldy9az8E47tQW4cHajZHsi4rTq4HM0PE
  • Pv0TLiWeowXZIsAw68NzAb3SgjY
  • 0r4UVQn/K1PldOhFrE9MoJLiJXfQLSKU+uLPm4Z1uGfGrxtPLbQ+ymZcnBCVIkemqdAFahKrsLodU2cqFkkbtA==
  • asv=57fab8da76cd7db6399386b2fbb8266e
  • logmein-verification-code=25ce4838-7980-4719-b4c5-e76450a6066f
  • stripe-verification=4fa8f2705ed3ca0496b4d680bdec5d74213c22e6c1428282612504c2c55d7558
  • MS=ms15058904
  • status-page-domain-verification=qh3cfw6syrg3
  • openai-domain-verification=dv-UNBZKzk7GFSRuVEUk4KHWObW
  • ca3-b122d05a919141ba91aba958f04a3a83
  • docusign=70668272-5104-4868-af0d-389211541998
  • google-site-verification=gB6gRbVH-PkcwwblYYT_s6peEZ-uOCU4SCN-m6t2-0Q
  • loom-site-verification=edd4369291874aacb2b5aae6ea089158
  • MS=ms95772151
  • cursor-domain-verification-f88819=Y8P5LsyqtmltA7MfMr2jwtMiQ
  • 7aff834813804a3ea18721b6bce7740d
  • 1password-site-verification=VOWKAPWYWZCT5HUOWLC2SAZL5E
  • anthropic-domain-verification-1mjwc0=ydAYQut9EZNXEQaKnOtAjzP66

Email authentication strong

SPF
v=spf1 include:mail.zendesk.com include:_spf.google.com include:_spf.qualtrics.com ip4:208.185.229.40/29 -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:074cb25249364ef2b4923557da662d24@dmarc-reports.cloudflare.net; ruf=mailto:074cb25249364ef2b4923557da662d24@dmarc-reports.cloudflare.net; ri=3600; sp=reject; pct=100; fo=0:1:d:s;
policy: reject (enforced) · sp=reject
DKIM
Show 5 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqf9wOFRUg7TiQ3RSN5Ummo21QchcfTDJosuiXja7VFKTGmAA52o3j0nRDsZF+EBl8bEGqoJ+aUYDw…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCemfD++2aGivw5gOh7RmcxcBkw2Z2FODeevigtHYbeybTzCrTOkmLZ73zzislQ//MMjoFVCsDzOgm677fk7q…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYWl/owzM1InkeoLWLEyzXW4Kay3NUeM7VJFm+b7wBKhdrIYyPurdQ6FuR16fkCkzrFAVsFYy5/OGPd7G9…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDDgRItcfud+sX4hAy96gAHOqvK0Rx/HBPjiS98gurOlVxPvcDGxlDIX/1mLSeJyXWdrWPKExBs6MRIiGUfZZHrO…
selectors probed

Certificate (current)

WE1
from 2026-04-22 to 2026-07-21
Expires in 63 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.myfitnesspal.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
base-uri 'self';object-src 'none';frame-ancestors 'self' *.dev.myfitnesspal.com *.trainerize.com https://api.gymengine.com https://trainerizealeks.gymengine.com https://pasta.gymengine.com https://vytest1.gymengine.com https://emmatestcompany1.gymengine.com https://api.gymengine2.com https://aleks1.gymengine2.com https://pasta.gymengine2.com https://vytest1.gymengine2.com https://emmamain.gymengine2.com https://api.trzdev22.com https://123456784.trzdev22.com https://trainerizealeks.trzdev22.com https://service-nutrition-dev3.trzdev.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:;report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub418a37a797e400b700164dc61de1dc7e&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env%3Anutrition-prod%2Cservice%3Aweb-main
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (1)