rack.giftcard.nordstrom.com Open in urlscan Pro
151.101.0.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rack.giftcard.nordstrom.com/self_service/v2/register/
Effective URL:
https://rack.giftcard.nordstrom.com/self_service/v2/register/
Submission Tags: falconsandbox
Submission: On May 18 via api (May 18th 2023, 10:33:12 pm UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 32 HTTP transactions. The main IP is 151.101.0.138, located in United States and belongs to FASTLY, US. The main domain is rack.giftcard.nordstrom.com.
TLS certificate: Issued by GlobalSign Atlas R3 OV TLS CA 2023 Q1 on April 5th 2023. Valid for: a year.

This is the only time rack.giftcard.nordstrom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.128.138 151.101.128.138	54113 (FASTLY) (FASTLY)
7	151.101.0.138 151.101.0.138	54113 (FASTLY) (FASTLY)
7	13.227.219.116 13.227.219.116	16509 (AMAZON-02) (AMAZON-02)
12	151.101.192.138 151.101.192.138	54113 (FASTLY) (FASTLY)
6	2606:4700:440... 2606:4700:4400::ac40:911b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	4

1 151.101.128.138 (United States) 1 redirects

ASN54113 (FASTLY, US)

rack.giftcard.nordstrom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.0.138 (United States)

ASN54113 (FASTLY, US)

rack.giftcard.nordstrom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3static.cashstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.227.219.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-116.ams54.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.192.138 (United States)

ASN54113 (FASTLY, US)

s3static.cashstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.cashstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:911b (United States)

ASN13335 (CLOUDFLARENET, US)

client-api.arkoselabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	cashstar.com s3static.cashstar.com — Cisco Umbrella Rank: 130690 capi.cashstar.com — Cisco Umbrella Rank: 353223	560 KB
7	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2753	184 KB
6	arkoselabs.com client-api.arkoselabs.com — Cisco Umbrella Rank: 16444	107 KB
2	nordstrom.com 1 redirects rack.giftcard.nordstrom.com	4 KB
32	4

	Domain	Requested by
14	s3static.cashstar.com	rack.giftcard.nordstrom.com s3static.cashstar.com
7	consent.trustarc.com	rack.giftcard.nordstrom.com consent.trustarc.com
6	client-api.arkoselabs.com	s3static.cashstar.com client-api.arkoselabs.com
4	capi.cashstar.com	s3static.cashstar.com
2	rack.giftcard.nordstrom.com	1 redirects
32	5

This site contains links to these domains. Also see Links.

Domain
shop.nordstrom.com
www.nordstromrack.com
blackhawknetwork.com
www.cashstar.com

Subject Issuer	Validity	Valid
*.cashstar.com GlobalSign Atlas R3 OV TLS CA 2023 Q1	`2023-04-05` - `2024-05-06`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
arkoselabs.com Cloudflare Inc ECC CA-3	`2022-09-23` - `2023-09-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://rack.giftcard.nordstrom.com/self_service/v2/register/
Frame ID: CB05C048E0106B2189A4EF9BB439A18B
Requests: 25 HTTP requests in this frame

Frame: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.html
Frame ID: 3B23D545BA5E79C244A989F29CD873A3
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nordstrom Rack Self ServiceCashStar, A Blackhawk Network Business

Page URL History Show full URLs

http://rack.giftcard.nordstrom.com/self_service/v2/register/ HTTP 301
https://rack.giftcard.nordstrom.com/self_service/v2/register/ Page URL

Detected technologies

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Page Statistics

32
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

854 kB
Transfer

3379 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.nordstrom.com/content/gift-card-info
Title: FAQ

Search URL Search Domain Scan URL

URL: https://shop.nordstrom.com/content/gift-card-info#anchor-link-terms-and-conditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.nordstromrack.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://blackhawknetwork.com/commitment-to-accessibility/
Title: Commitment to Accessibility

Search URL Search Domain Scan URL

URL: https://www.cashstar.com/
Title: CashStar, A Blackhawk Network Business

Search URL Search Domain Scan URL

URL: https://www.nordstromrack.com/
Title: Nordstrom Rack

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rack.giftcard.nordstrom.com/self_service/v2/register/ HTTP 301
https://rack.giftcard.nordstrom.com/self_service/v2/register/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rack.giftcard.nordstrom.com/self_service/v2/register/
Redirect Chain

http://rack.giftcard.nordstrom.com/self_service/v2/register/
https://rack.giftcard.nordstrom.com/self_service/v2/register/

7 KB
3 KB

823ms
801ms

Document
text/html

151.101.0.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rack.giftcard.nordstrom.com/self_service/v2/register/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.138 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

af1dc1d86833a5d6f2713a76010579fc0ee29652c01b83d2d1d9ca11694c6f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; preload; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
accept-ranges: bytes
access-control-allow-origin: https://rack.giftcard.nordstrom.com
content-encoding: gzip
content-language: en-us
content-length: 2741
content-type: text/html; charset=utf-8
date: Thu, 18 May 2023 22:33:05 GMT
etag: W/"84a88668bd088170cc9cc67bccffd389"
referrer-policy: origin
server: nginx
strict-transport-security: max-age=16070400; preload; includeSubDomains;
vary: Accept-Language, Cookie
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-datadome: protected
x-fastly-service: Prod - Consumer
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-etou8220028-FRA
x-timer: S1684449185.071609,VS0,VE791
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Accept-Ranges: bytes
Connection: close
Content-Length: 0
Date: Thu, 18 May 2023 22:33:05 GMT
Location: https://rack.giftcard.nordstrom.com/self_service/v2/register/
Retry-After: 0
Server: Varnish
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230049-FRA
X-Timer: S1684449185.042003,VS0,VE0
X-fastly-service: Prod - Consumer

GET
H2 200 DEFAULT.6e522e94bad56eebf49c7c013e7ec631.css
s3static.cashstar.com/media/style/selfie/ 61 KB
12 KB 36ms
8ms Stylesheet
text/css 151.101.0.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/media/style/selfie/DEFAULT.6e522e94bad56eebf49c7c013e7ec631.css
Requested by: Host: rack.giftcard.nordstrom.com
URL: https://rack.giftcard.nordstrom.com/self_service/v2/register/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6534d04da0a3b50fe91ab85da9782b8c0bc65fccf88e0e278f23d0bf53d8190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:05 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: GF6ZJXMAVNEWG0CD
age: 3189
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 12110
x-amz-id-2: NBjnBnS+4C53R8sCM+JyPe2pIuUpySXaeK3syJE2Z8DLr+iJDGf6LP8gWANHsu3KTOejhJsVCTE=
x-served-by: cache-fra-etou8220028-FRA
last-modified: Thu, 18 May 2023 11:35:13 GMT
server: AmazonS3
x-timer: S1684449186.905680,VS0,VE1
etag: "6e522e94bad56eebf49c7c013e7ec631"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
s3static.cashstar.com/media/style/selfie/ 62 KB
12 KB 628ms
601ms Stylesheet
text/css 151.101.0.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Requested by: Host: rack.giftcard.nordstrom.com
URL: https://rack.giftcard.nordstrom.com/self_service/v2/register/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce3cb89e0152b5ff11d57bfa4e11a6b662583286c4477365325c72cd8020f68e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: GQK79F0940NN8SEK
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
content-length: 12287
x-amz-id-2: 3rGCtP01McdfFt+U0T64wxCDodfpaiuyY4UlAA91muqAkqF680W1MVs4S49d402rD/2o+qkm25g=
x-served-by: cache-fra-etou8220028-FRA
last-modified: Thu, 18 May 2023 11:35:13 GMT
server: AmazonS3
x-timer: S1684449186.905690,VS0,VE592
etag: "ee4360f4d3d0e7c8baf53483d0202a39"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 notice Show response
consent.trustarc.com/ 16 KB
7 KB 336ms
53ms Script
text/javascript 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=blackhawk-cashstar.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1

Requested by

Host: rack.giftcard.nordstrom.com
URL: https://rack.giftcard.nordstrom.com/self_service/v2/register/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

9b1a39317449a4c12b8c96078e34c4382064ca3e0dca652acd195cc6d2a99714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 6178
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
cloudfront-viewer-country-region: BY
timing-allow-origin: *
x-amz-cf-id: 5NF6e9vsciYfSorRSk_ISGf1qKcvokt2EG-SlGdXRU1AHV1M9lm16g==
expires: Thu, 18 May 2023 23:33:06 GMT

GET
H2 200 vendor.dc92cfadb5fbda5c285f.js Show response
s3static.cashstar.com/self_service/static/js/ 334 KB
101 KB 10ms
9ms Script
application/javascript 151.101.0.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/self_service/static/js/vendor.dc92cfadb5fbda5c285f.js
Requested by: Host: rack.giftcard.nordstrom.com
URL: https://rack.giftcard.nordstrom.com/self_service/v2/register/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7fe7560f92606d4653050e39d12f208f445ac74c598bf85eec6e005c17c2956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: M8DSNGCRK1N0B46V
age: 3190
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 102655
x-amz-id-2: kh4aERrUk7o7+V7mZHdVLB6IX6RfrvTNoSOH0TQrBZ2sabNRkukHEyAboytytLhVnSZO9e7s15o=
x-served-by: cache-fra-etou8220028-FRA
last-modified: Tue, 16 May 2023 21:51:09 GMT
server: AmazonS3
x-timer: S1684449187.533274,VS0,VE1
etag: "9bacea317f8ab9e6515ba0c7a4ca06e9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 main.5fd5b81d6de276395da9.js Show response
s3static.cashstar.com/self_service/static/js/ 2 MB
309 KB 29ms
29ms Script
application/javascript 151.101.0.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/self_service/static/js/main.5fd5b81d6de276395da9.js
Requested by: Host: rack.giftcard.nordstrom.com
URL: https://rack.giftcard.nordstrom.com/self_service/v2/register/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7adb2583c77606162f68bcee4fb89a3ce3bfabfc03a64a264f669e4fc05b9cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 7X1J0J0BJFEF8VAP
age: 3189
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 315910
x-amz-id-2: b7scEchlmv7/KjrnvkXq0L8zSguFVzzxfZogRIDCebeVH19EtqVa3bk7RWhlxTOSPDOdhZZL8Ro=
x-served-by: cache-fra-etou8220028-FRA
last-modified: Tue, 16 May 2023 21:51:09 GMT
server: AmazonS3
x-timer: S1684449187.617061,VS0,VE2
etag: "f24d65d3266db82b8c0698d13972705c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 NORDSTROMRACK.json Show response
s3static.cashstar.com/media/webfont/ 153 B
673 B 451ms
416ms XHR
application/json 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/media/webfont/NORDSTROMRACK.json
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/self_service/static/js/vendor.dc92cfadb5fbda5c285f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3f152a65be39f972855dd0b62e95c6b8eac5bcdf02c8ea094dac2862c1ca445

Request headers

Accept: application/json, text/plain, */*
Referer: https://rack.giftcard.nordstrom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:07 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: N329KFB23NE3VPZ2
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 156
x-amz-id-2: UQI2+7JbH2c7/HVcZqJdcwzZlXu7sy3DhpsAref4lzUkBHSfr9lsf7291QSlLliXundgklfU0hk=
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 18 May 2023 11:35:27 GMT
server: AmazonS3
x-timer: S1684449187.940628,VS0,VE408
etag: "80fc9f72ca4ae87724038b23129f3533"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 v1.7-164 Show response
consent.trustarc.com/asset/notice.js/v/ 78 KB
24 KB 60ms
22ms Script
text/javascript 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-164

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=blackhawk-cashstar.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

fcd86e8b75ae82f035ff1f28433dacab9d367f838f707e4482e2f542c0037096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rack.giftcard.nordstrom.com/
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:09:22 GMT
content-encoding: gzip
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 1424
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 17 Apr 2023 03:19:03 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: LpR6UzbRxMECJt3cy0GNJbp1jEeXAAyptq-hd92LW4QfOMVpAfwFqg==
expires: Sat, 17 Jun 2023 22:09:22 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
428 B 60ms
59ms Image
image/gif 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=blackhawk-cashstar.com&country=de&state=&behavior=implied&session=d3cc9545-c9b3-4dc6-a49b-cf122c0ca3c7&userType=NEW&c=5a61

Requested by

Host: rack.giftcard.nordstrom.com
URL: https://rack.giftcard.nordstrom.com/self_service/v2/register/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 22:33:06 GMT
via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: Am7wBX5SLtONOAe4nqkndO40kEcIM42WTXFAF_uEFY9q_mN7E0BoKg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 17 KB
6 KB 65ms
65ms Script
text/javascript 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=blackhawk-cashstar.com&country=de&js=nj2&c=teconsent&noticeType=bb&text=true&gtm=1

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=blackhawk-cashstar.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

7f1f78958e0bb14874e8d96b8ae91880ec418b928bd017df5eb6045406f40e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rack.giftcard.nordstrom.com/
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 5397
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=3600
cloudfront-viewer-country-region: BY
timing-allow-origin: *
x-amz-cf-id: KepDhVeaRIr_Qsg2d0H1pPbROfIXfE2B7Lev8A7Dfrs-QSq0WwLc7Q==
expires: Thu, 18 May 2023 23:33:07 GMT

GET
H2 200 get
consent.trustarc.com/ 133 KB
71 KB 18ms
17ms Font
font/ttf 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=RobotoBold.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rack.giftcard.nordstrom.com/
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: public
date: Thu, 18 May 2023 22:21:21 GMT
content-encoding: gzip
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 706
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: WDx7L9hKgSY8rYiIBgVMl1iXBmbPsyP71QLp3P1awB-pw1fzJqV3Ag==
expires: Sat, 17 Jun 2023 22:21:21 GMT

GET
H2 200 get
consent.trustarc.com/ 142 KB
76 KB 17ms
17ms Font
font/ttf 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=RobotoRegular.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rack.giftcard.nordstrom.com/
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: public
date: Thu, 18 May 2023 22:07:26 GMT
content-encoding: gzip
via: 1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 1541
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: YWMwNgZEH8I0DCO8udAu2mLat8_-NkBr7JX7mKpN7OgfLQbHpDXsLQ==
expires: Sat, 17 Jun 2023 22:07:26 GMT

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
428 B 52ms
51ms Image
image/gif 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=blackhawk-cashstar.com&behavior=implied&country=de&language=de&rand=0.6930411679083235&session=d3cc9545-c9b3-4dc6-a49b-cf122c0ca3c7&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 22:33:07 GMT
via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: Ub3omBbwC-Mq5CYsqDMaqWD5-AjzYhvcH-bHs2OqjhCYjDloBAra7Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fonts.fd601e5b8c8f315e0a2b7b5ac5b2bd65.css
s3static.cashstar.com/media/fonts/NORDSTROMRACK/ 618 B
544 B 410ms
407ms Stylesheet
text/css 151.101.0.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/media/fonts/NORDSTROMRACK/fonts.fd601e5b8c8f315e0a2b7b5ac5b2bd65.css
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/self_service/static/js/main.5fd5b81d6de276395da9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b000e3ef7d18762945881e3879a28874f5fd0b693fd46772b7a0f404c5c1be1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:07 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 1N42TABHPX2GEA49
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 230
x-amz-id-2: 1YfcrlfmqB/z6pZMvR81OZxv+fi/gInVM3RGzP40xzSb5Qzfd5dWjg4+g0KmGiv87OC28/KmRnc=
x-served-by: cache-fra-etou8220028-FRA
last-modified: Thu, 18 May 2023 11:35:20 GMT
server: AmazonS3
x-timer: S1684449187.368776,VS0,VE401
etag: "fd601e5b8c8f315e0a2b7b5ac5b2bd65"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 us.json Show response
s3static.cashstar.com/translations/selfie/NORDSTROMRACK/en/ 71 KB
18 KB 632ms
632ms XHR
binary/octet-stream 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/translations/selfie/NORDSTROMRACK/en/us.json
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/self_service/static/js/vendor.dc92cfadb5fbda5c285f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6c2c2655f6fb019d6e0dae351a1c47ce5d662eb86e57a7d9f67e3cb8dd315b2

Request headers

Accept: application/json, text/plain, */*
Referer: https://rack.giftcard.nordstrom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: WV5TW3TFXA66AM9R
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
content-length: 18498
x-amz-id-2: LnINrMjUSxexkSElz0i5S2XdbKZp+oxX0Yz8dj6v2jNJmVtPqMxqxoEODcmhFUn5XjT7hkyZUbY=
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Tue, 09 May 2023 17:09:45 GMT
server: AmazonS3
x-timer: S1684449187.388367,VS0,VE624
etag: "b9d79b6bf438b0672deb06e9ec20d918"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
capi.cashstar.com/v4/promo/ 2 B
318 B 566ms
566ms XHR
application/json 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.cashstar.com/v4/promo/?language=en-us&currency=USD

Requested by

Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/self_service/static/js/vendor.dc92cfadb5fbda5c285f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.138 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Frame-Options	SAMEORIGIN

Request headers

Session-ID
accept-language: de-DE,de;q=0.9
Application-URL
Authorization: Token m2aanj15ixgefn0tintvxpxy96i7prk180aqbrtw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Application-ID
Accept: application/json, text/plain, */*
Referer: https://rack.giftcard.nordstrom.com/

Response headers

strict-transport-security: max-age=16070400
date: Thu, 18 May 2023 22:33:08 GMT
via: 1.1 varnish
x-datadome: protected
x-fastly-service: Prod - CAPI
x-cache: MISS
content-length: 2
x-served-by: cache-fra-eddf8230138-FRA
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
server: nginx
x-timer: S1684449188.125426,VS0,VE558
allow: GET, HEAD, OPTIONS
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://rack.giftcard.nordstrom.com
cache-control: private, no-store
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
capi.cashstar.com/v4/promo/ Frame 0
0 734ms
723ms Preflight
text/html 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.cashstar.com/v4/promo/?language=en-us&currency=USD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.138 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: application-id,application-url,authorization,session-id
Access-Control-Request-Method: GET
Origin: https://rack.giftcard.nordstrom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Device-Name, Device-Model, System-Name, System-Model, Application-ID, Application-URL, SDK-Version, Vendor-ID, Session-ID, x-datadome-clientid
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://rack.giftcard.nordstrom.com
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 18 May 2023 22:33:08 GMT
server: nginx
strict-transport-security: max-age=16070400
vary: Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-datadome: protected
x-fastly-service: Prod - CAPI
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230138-FRA
x-timer: S1684449187.399392,VS0,VE714

GET
H2 200 RackSans-Bold-ec517faa3ff28e64aa0b87ee8b38e8d3.ttf
s3static.cashstar.com/media/fonts/NORDSTROMRACK/ 69 KB
34 KB 423ms
422ms Font
font/ttf 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/media/fonts/NORDSTROMRACK/RackSans-Bold-ec517faa3ff28e64aa0b87ee8b38e8d3.ttf
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/media/fonts/NORDSTROMRACK/fonts.fd601e5b8c8f315e0a2b7b5ac5b2bd65.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8b82e7521bae0a6ed508ea1d40a12572ddb6f61b50d8a7715f3d8fbe69a9fa

Request headers

Referer: https://s3static.cashstar.com/media/fonts/NORDSTROMRACK/fonts.fd601e5b8c8f315e0a2b7b5ac5b2bd65.css
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 467KCXZYEMZYPM89
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 35010
x-amz-id-2: Cr8RlxJ0cmxAQXojOLRyxz9AH+5ZPU/HdkUCHnA5ldzUZgGGInYtCCKo9vxwY6vBu3j9/wX7lOE=
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 18 May 2023 11:35:20 GMT
server: AmazonS3
x-timer: S1684449188.780074,VS0,VE413
etag: "ec517faa3ff28e64aa0b87ee8b38e8d3"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 RackSans-Regular-bd93a69510ba57818e214ec296e2caaf.ttf
s3static.cashstar.com/media/fonts/NORDSTROMRACK/ 66 KB
34 KB 397ms
397ms Font
font/ttf 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3static.cashstar.com/media/fonts/NORDSTROMRACK/RackSans-Regular-bd93a69510ba57818e214ec296e2caaf.ttf
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/media/fonts/NORDSTROMRACK/fonts.fd601e5b8c8f315e0a2b7b5ac5b2bd65.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad4b37b8482d4aa0c9ad5d27afea3d9118ea3c2d8c344fd8ab608d76fef5023d

Request headers

Referer: https://s3static.cashstar.com/media/fonts/NORDSTROMRACK/fonts.fd601e5b8c8f315e0a2b7b5ac5b2bd65.css
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: H2E42ZQEP77XRCK6
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 34332
x-amz-id-2: rOxorOr5NdsvqRSIrsOn7qq/IedlgsvfqiWBufFAuaM8pGCFNW7Gph2QCDf+stuNCzWwZYIXG00=
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 18 May 2023 11:35:20 GMT
server: AmazonS3
x-timer: S1684449188.780225,VS0,VE389
etag: "bd93a69510ba57818e214ec296e2caaf"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 api.js Show response
client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/ 54 KB
18 KB 68ms
25ms Script
application/javascript 2606:4700:4400::ac40:911b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/api.js

Requested by

Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/self_service/static/js/main.5fd5b81d6de276395da9.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec17d48a4a236fbf823d2a013ccae965d45e3b7a8a648abb491401d3a6617f41

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; font-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; frame-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; img-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn data:; script-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; default-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; style-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rack.giftcard.nordstrom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age: 2338
x-amz-request-id: ZPFXVHJH6R3CKYPQ
x-amz-server-side-encryption: AES256
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1,client-api
capi-worker-type: universal
x-amz-id-2: 2JRMM3X4cNAlouF8ELYyPAsQj+UIUWyjdeDinDevBzwgl9KygDmjWsFAfg257mb4TccKZzqYML0=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Apr 2023 01:39:04 GMT
server: cloudflare
etag: W/"17c677af21b3c2b8faef017caa8aa59d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=31536000
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray: 7c978f61a98ebbbb-FRA
cf-request-time: 7

GET
H2 200 / Show response
capi.cashstar.com/v4/promo/ 2 B
253 B 696ms
695ms XHR
application/json 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.cashstar.com/v4/promo/?language=en-us&currency=USD

Requested by

Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/self_service/static/js/vendor.dc92cfadb5fbda5c285f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.138 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Frame-Options	SAMEORIGIN

Request headers

Session-ID
accept-language: de-DE,de;q=0.9
Application-URL
Authorization: Token m2aanj15ixgefn0tintvxpxy96i7prk180aqbrtw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Application-ID
Accept: application/json, text/plain, */*
Referer: https://rack.giftcard.nordstrom.com/

Response headers

strict-transport-security: max-age=16070400
date: Thu, 18 May 2023 22:33:09 GMT
via: 1.1 varnish
x-datadome: protected
x-fastly-service: Prod - CAPI
x-cache: MISS
content-length: 2
x-served-by: cache-fra-eddf8230138-FRA
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
server: nginx
x-timer: S1684449189.592751,VS0,VE685
allow: GET, HEAD, OPTIONS
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://rack.giftcard.nordstrom.com
cache-control: private, no-store
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
capi.cashstar.com/v4/promo/ Frame 0
0 519ms
517ms Preflight
text/html 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.cashstar.com/v4/promo/?language=en-us&currency=USD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.138 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: application-id,application-url,authorization,session-id
Access-Control-Request-Method: GET
Origin: https://rack.giftcard.nordstrom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, Device-Name, Device-Model, System-Name, System-Model, Application-ID, Application-URL, SDK-Version, Vendor-ID, Session-ID, x-datadome-clientid
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://rack.giftcard.nordstrom.com
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 18 May 2023 22:33:08 GMT
server: nginx
strict-transport-security: max-age=16070400
vary: Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-datadome: protected
x-fastly-service: Prod - CAPI
x-frame-options: SAMEORIGIN
x-served-by: cache-fra-eddf8230138-FRA
x-timer: S1684449188.073399,VS0,VE508

GET
H2 200 NORDSTROMRACK.png
s3static.cashstar.com/media/images/NORDSTROMRACK/ 36 KB
36 KB 394ms
392ms Image
image/png 151.101.0.138
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3static.cashstar.com/media/images/NORDSTROMRACK/NORDSTROMRACK.png
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99d1870aa69cc1540bfd952aba792edda881af8aa3b766f7e7f0d470d92196fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
via: 1.1 varnish
x-amz-request-id: P9E6SWD8SFH7TCY3
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 36420
x-amz-id-2: VT9u5TOnipJzuOL2qHzm0k2yk1HMxSMWZwgc/A9uWC6q0Vqs7wzzLIjTugX8TMwmc7k3NT+10WI=
x-served-by: cache-fra-etou8220028-FRA
last-modified: Thu, 18 May 2023 11:35:54 GMT
server: AmazonS3
x-timer: S1684449188.073876,VS0,VE384
etag: "399e71761484454d49aae722967c20ed"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 balances.svg
s3static.cashstar.com/media/images/DEFAULT/ 594 B
568 B 10ms
8ms Image
image/svg+xml 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3static.cashstar.com/media/images/DEFAULT/balances.svg
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94d8079671858dc898f78c3cb94a4bfd81ac4554645ed54d1909e16002357088

Request headers

Referer: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: WRB6MHSHW8MXSTKE
age: 2338
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 346
x-amz-id-2: 5s/1HLZe/sVI/KDAtXzmJPaaQWOx3UeT9iRstGmF7XEKmc7fMB8dns8RnCTOVYh+NWi6KHvbgbY=
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 18 May 2023 11:36:40 GMT
server: AmazonS3
x-timer: S1684449188.074029,VS0,VE1
etag: "260fef136d1d7883e039416ee6886baf"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 resend.svg
s3static.cashstar.com/media/images/DEFAULT/ 430 B
497 B 11ms
10ms Image
image/svg+xml 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3static.cashstar.com/media/images/DEFAULT/resend.svg
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 682bcf2235f918379fbaafeb4df516ed9ba265c83340adb2605189532cfc5f6a

Request headers

Referer: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: WRBA0952PF5XBYDR
age: 2338
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 266
x-amz-id-2: Q7ytS/FcweTr7QxE4/GEaNMt557I2wg2rYdlGBT6jta8DlXzU22vTgPrm9ab1/9QqRuhrlJSjkWPnXBuTgCamw==
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 18 May 2023 11:36:40 GMT
server: AmazonS3
x-timer: S1684449188.074369,VS0,VE1
etag: "a95d7c15e7692e854b3cac4715ed3bbf"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 view.svg
s3static.cashstar.com/media/images/DEFAULT/ 810 B
615 B 11ms
9ms Image
image/svg+xml 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3static.cashstar.com/media/images/DEFAULT/view.svg
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efe629a186cce25a5e5ecdf5c70992ea2f9a0734a21c12d9bb8de3c6748f759e

Request headers

Referer: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: HW8BVNM445TPWF60
age: 2338
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 399
x-amz-id-2: j7BP8RrLSBqCZSYxMBhmc7I2j27L558MypqBQstIq1FhDxVXnQEFDi0x5CDFpp25HtGTuzWQdVQ=
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 18 May 2023 11:36:40 GMT
server: AmazonS3
x-timer: S1684449188.074355,VS0,VE1
etag: "e925197317026eadadb4bed0578cb8d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 delivery.svg
s3static.cashstar.com/media/images/DEFAULT/ 551 B
478 B 11ms
10ms Image
image/svg+xml 151.101.192.138
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3static.cashstar.com/media/images/DEFAULT/delivery.svg
Requested by: Host: s3static.cashstar.com
URL: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.138 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76f4bd803a528d2a3ba59ea8709a64242b69a2c0688fad0f8ff2522d05ed4587

Request headers

Referer: https://s3static.cashstar.com/media/style/selfie/NORDSTROMRACK.ee4360f4d3d0e7c8baf53483d0202a39.css
Origin: https://rack.giftcard.nordstrom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: HW82EG6MSJ42BDN1
age: 2338
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 308
x-amz-id-2: 1GAcYy4oJWljJqosIXCIgxj+M4XOjim0vcwjdrgW3GmqphLQyVx2yxN5m0ls+qm0K9tRAowQM2Q=
x-served-by: cache-fra-eddf8230138-FRA
last-modified: Thu, 18 May 2023 11:36:40 GMT
server: AmazonS3
x-timer: S1684449188.074331,VS0,VE1
etag: "6a71ee235b6367f97c19cbb0b478e12c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 enforcement.8c86261625b34875f40282074a3ea330.html Show response
client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/ Frame 3B23 903 B
1018 B 25ms
24ms Document
text/html 2606:4700:4400::ac40:911b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.html

Requested by

Host: client-api.arkoselabs.com
URL: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/api.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41eaef6d8bda7a80873a59790e587adb33b2369544a264ba418243afc8722000

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; font-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; frame-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; img-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn data:; script-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rack.giftcard.nordstrom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2338
cache-control: public, max-age=31536000, immutable
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1,client-api
capi-worker-type: universal
cf-cache-status: HIT
cf-ray: 7c978f61f9ccbbbb-FRA
cf-request-time: 10
content-encoding: br
content-security-policy: connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
content-type: text/html; charset=utf-8
date: Thu, 18 May 2023 22:33:08 GMT
last-modified: Thu, 27 Apr 2023 01:39:04 GMT
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-amz-id-2: mplGHoR/WtBbBg7bJwW71Q6dwCC1TGQzco7tszSKsXDONM1755PJjj9yceIeDakEGTHxLksXXJxP44fOhTTf3w==
x-amz-request-id: YKV434TWKBP743KP
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 enforcement.8c86261625b34875f40282074a3ea330.js Show response
client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/ Frame 3B23 108 KB
38 KB 33ms
23ms Script
application/javascript 2606:4700:4400::ac40:911b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.js

Requested by

Host: client-api.arkoselabs.com
URL: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dffe7a2fa9e78f81e2fb414f83d5c36e6251b018fbf24326a0fd8986fc82efa

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; font-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; frame-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; img-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn data:; script-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; default-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; style-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.html
Origin: https://client-api.arkoselabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age: 2338
x-amz-request-id: YKV2DJ1CPKTAP3DW
x-amz-server-side-encryption: AES256
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1,client-api
capi-worker-type: universal
x-amz-id-2: 0MzMZxaLVIWYcVyJg6OzPfCKE0fwmOyZOZe3kE28yZsTE4HFnWv1VjTRGt1WHK3+pNg1PxtSFpE=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Apr 2023 01:39:04 GMT
server: cloudflare
etag: W/"1b26193a8ef3326c953ce6b19d4ea143"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray: 7c978f624a33bbbb-FRA
cf-request-time: 7

GET
H2 200 settings Show response
client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/ Frame 3B23 342 B
481 B 31ms
30ms XHR
application/xml 2606:4700:4400::ac40:911b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/settings

Requested by

Host: client-api.arkoselabs.com
URL: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd833d0d467037a2db2f90e51bdb725924a73a1061db778abeca7f1188579f89

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; font-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; frame-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; img-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn data:; script-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; default-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; style-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age: 2338
x-amz-request-id: 29CNRSKAA0J6Y3JT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1,client-api
capi-worker-type: universal
x-amz-id-2: prBQaCAmJDGo3QtsQ2EFbT7f+k8B7HMhvBUJoUGj1rjjLKd4mvMf2vQl0v7WHFWuLe+3xqsMZCbSzAWenWBGwg==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 May 2023 21:54:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=31536000
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray: 7c978f629a7ebbbb-FRA
cf-request-time: 11

GET
H2 200 / Show response
client-api.arkoselabs.com/fc/api/sri/ Frame 3B23 145 B
215 B 16ms
15ms XHR
text/plain 2606:4700:4400::ac40:911b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.arkoselabs.com/fc/api/sri/

Requested by

Host: client-api.arkoselabs.com
URL: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cefea4b2f781e3c6bb24b4ba2a90a49b7fdeaa9983fedc6d3c7794c78d7c86d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cf-ray: 7c978f629a7fbbbb-FRA
x-xss-protection: 1; mode=block

GET
H2 200 funcaptcha_api.js Show response
client-api.arkoselabs.com/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/ Frame 3B23 147 KB
50 KB 26ms
26ms Script
application/javascript 2606:4700:4400::ac40:911b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.arkoselabs.com/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/funcaptcha_api.js?onload=loadChallenge

Requested by

Host: client-api.arkoselabs.com
URL: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2606:4700:4400::ac40:911b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc6e12937bf14b898184c6d4c863cd33ca09732c43d2e0a322eafc9f5c61557

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/1.4.3/enforcement.8c86261625b34875f40282074a3ea330.html
Origin: https://client-api.arkoselabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:33:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; media-src 'self' data:; connect-src 'self'
age: 80417
x-amz-request-id: 8QTM488J1JZ8607G
x-amz-server-side-encryption: AES256
x-amz-version-id: js6Xlp6Z7xNtDrBHyzcLHcTB0YN._K9R
x-amz-id-2: 0PuY6ioAA7T4jxgTVzGJZzXskvXvdjCiIqteaJVgdUsDw36wfEfKMLwzCWtzL72fIDM97YeWuOU=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 May 2023 04:07:54 GMT
server: cloudflare
etag: W/"3763ca5c6d75616a43468902aff7b465"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7c978f62ba99bbbb-FRA

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nordstrom.com/	1970-01-20 20:39:45	Name: datadome Value: 1lXhvJphhPhWSBXD5V2Sk5YDAUJP62qwya4EyDA1cQaIEUKhuUEiYGz_79JR3zba1g_yEWsuzRnX060VO2ziDDvGLvv-JnWpIMhFyWcet_k3IZNz3ElQ33wttPHfgPOT
rack.giftcard.nordstrom.com/	1970-01-20 11:55:35	Name: selfiesessionid Value: 19cqxayk4hxxj98pzyfvrqyaty41m2cd
.rack.giftcard.nordstrom.com/	1970-01-20 11:54:10	Name: TAsessionID Value: d3cc9545-c9b3-4dc6-a49b-cf122c0ca3c7\|NEW
.rack.giftcard.nordstrom.com/	1969-12-31 23:59:59	Name: notice_behavior Value: implied,eu
.arkoselabs.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 29iwgK0p0GNOwjZoAq1JZkOlLvMoNMRD9cpcc3Iy_QI-1684449188122-0-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; preload; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

capi.cashstar.com
client-api.arkoselabs.com
consent.trustarc.com
rack.giftcard.nordstrom.com
s3static.cashstar.com
13.227.219.116
151.101.0.138
151.101.128.138
151.101.192.138
2606:4700:4400::ac40:911b
0bc6e12937bf14b898184c6d4c863cd33ca09732c43d2e0a322eafc9f5c61557
41eaef6d8bda7a80873a59790e587adb33b2369544a264ba418243afc8722000
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
682bcf2235f918379fbaafeb4df516ed9ba265c83340adb2605189532cfc5f6a
6dffe7a2fa9e78f81e2fb414f83d5c36e6251b018fbf24326a0fd8986fc82efa
76f4bd803a528d2a3ba59ea8709a64242b69a2c0688fad0f8ff2522d05ed4587
7adb2583c77606162f68bcee4fb89a3ce3bfabfc03a64a264f669e4fc05b9cee
7f1f78958e0bb14874e8d96b8ae91880ec418b928bd017df5eb6045406f40e25
9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70
94d8079671858dc898f78c3cb94a4bfd81ac4554645ed54d1909e16002357088
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99d1870aa69cc1540bfd952aba792edda881af8aa3b766f7e7f0d470d92196fb
9b1a39317449a4c12b8c96078e34c4382064ca3e0dca652acd195cc6d2a99714
ab8b82e7521bae0a6ed508ea1d40a12572ddb6f61b50d8a7715f3d8fbe69a9fa
ad4b37b8482d4aa0c9ad5d27afea3d9118ea3c2d8c344fd8ab608d76fef5023d
af1dc1d86833a5d6f2713a76010579fc0ee29652c01b83d2d1d9ca11694c6f33
b000e3ef7d18762945881e3879a28874f5fd0b693fd46772b7a0f404c5c1be1b
b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
b3f152a65be39f972855dd0b62e95c6b8eac5bcdf02c8ea094dac2862c1ca445
bd833d0d467037a2db2f90e51bdb725924a73a1061db778abeca7f1188579f89
ce3cb89e0152b5ff11d57bfa4e11a6b662583286c4477365325c72cd8020f68e
cefea4b2f781e3c6bb24b4ba2a90a49b7fdeaa9983fedc6d3c7794c78d7c86d2
d6534d04da0a3b50fe91ab85da9782b8c0bc65fccf88e0e278f23d0bf53d8190
e6c2c2655f6fb019d6e0dae351a1c47ce5d662eb86e57a7d9f67e3cb8dd315b2
ec17d48a4a236fbf823d2a013ccae965d45e3b7a8a648abb491401d3a6617f41
efe629a186cce25a5e5ecdf5c70992ea2f9a0734a21c12d9bb8de3c6748f759e
f7fe7560f92606d4653050e39d12f208f445ac74c598bf85eec6e005c17c2956
fcd86e8b75ae82f035ff1f28433dacab9d367f838f707e4482e2f542c0037096

rack.giftcard.nordstrom.com Open in urlscan Pro 151.101.0.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

854 kBTransfer

3379 kBSize

5 Cookies

6 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rack.giftcard.nordstrom.com Open in urlscan Pro
151.101.0.138 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

854 kB
Transfer

3379 kB
Size

5
Cookies

32 HTTP transactions
0 data transactions