venmo.com Open in urlscan Pro
65.9.77.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.venmo.com/u/theoldstill
Effective URL:
https://venmo.com/u/theoldstill
Submission: On June 30 via api (June 30th 2021, 7:00:24 am UTC) from IE

Summary HTTP 24 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 24 HTTP transactions. The main IP is 65.9.77.19, located in United States and belongs to AMAZON-02, US. The main domain is venmo.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 18th 2020. Valid for: 2 years.

This is the only time venmo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	143.204.98.81 143.204.98.81	16509 (AMAZON-02) (AMAZON-02)
6	65.9.77.19 65.9.77.19	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
1	65.9.84.191 65.9.84.191	16509 (AMAZON-02) (AMAZON-02)
2	65.9.77.30 65.9.77.30	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:3::645 2a04:4e42:3::645	54113 (FASTLY) (FASTLY)
1	65.9.84.20 65.9.84.20	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
1	138.197.155.84 138.197.155.84	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
24	16

2 143.204.98.81 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-81.fra50.r.cloudfront.net

www.venmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.77.19 (United States)

ASN16509 (AMAZON-02, US)

venmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.191 (United States)

ASN16509 (AMAZON-02, US)

d2zah9y47r7bi2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.77.30 (United States)

ASN16509 (AMAZON-02, US)

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.20 (United States)

ASN16509 (AMAZON-02, US)

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.155.84 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: prd-usage-1.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	venmo.com 2 redirects www.venmo.com venmo.com	1 MB
5	mparticle.com jssdkcdns.mparticle.com identity.mparticle.com jssdks.mparticle.com	51 KB
2	plaid.com cdn.plaid.com	52 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	76 KB
1	trackjs.com usage.trackjs.com	229 B
1	google.de www.google.de	107 B
1	google.com www.google.com	63 B
1	doubleclick.net stats.g.doubleclick.net	84 B
1	facebook.com www.facebook.com
1	amplitude.com cdn.amplitude.com	19 KB
1	cloudfront.net d2zah9y47r7bi2.cloudfront.net	9 KB
24	12

	Domain	Requested by
6	venmo.com	venmo.com
2	jssdks.mparticle.com	d2zah9y47r7bi2.cloudfront.net
2	identity.mparticle.com	d2zah9y47r7bi2.cloudfront.net
2	cdn.plaid.com	venmo.com cdn.plaid.com
2	www.google-analytics.com	venmo.com www.google-analytics.com
2	connect.facebook.net	venmo.com connect.facebook.net
2	www.venmo.com	2 redirects
1	usage.trackjs.com
1	www.google.de	venmo.com
1	www.google.com	venmo.com
1	stats.g.doubleclick.net	d2zah9y47r7bi2.cloudfront.net
1	www.facebook.com	d2zah9y47r7bi2.cloudfront.net
1	cdn.amplitude.com	jssdkcdns.mparticle.com
1	d2zah9y47r7bi2.cloudfront.net	venmo.com
1	jssdkcdns.mparticle.com	venmo.com
24	15

This site contains links to these domains. Also see Links.

Domain
blog.venmo.com
help.venmo.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
ops.venmo.com DigiCert SHA2 Extended Validation Server CA	`2020-06-18` - `2022-06-06`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
jssdkcdns.mparticle.com R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2019-05-27` - `2021-07-17`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
jssdks.mparticle.com R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.trackjs.com RapidSSL RSA CA 2018	`2019-06-11` - `2021-09-09`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://venmo.com/u/theoldstill
Frame ID: 329EF1EE765E8D13CE1035BD129B3D33
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.venmo.com/u/theoldstill HTTP 301
https://www.venmo.com/u/theoldstill HTTP 301
https://venmo.com/u/theoldstill Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

24
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

15
Subdomains

16
IPs

4
Countries

1691 kB
Transfer

4194 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://blog.venmo.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://help.venmo.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/venmo/id351727428?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.venmo

Search URL Search Domain Scan URL

URL: http://help.venmo.com/
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.venmo.com/u/theoldstill HTTP 301
https://www.venmo.com/u/theoldstill HTTP 301
https://venmo.com/u/theoldstill Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request theoldstill Show response
venmo.com/u/
Redirect Chain

http://www.venmo.com/u/theoldstill
https://www.venmo.com/u/theoldstill
https://venmo.com/u/theoldstill

15 KB
7 KB

502ms
452ms

Document
text/html

65.9.77.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Venmo / Express

Resource Hash

807b595e873e719b5d134af63e03dce4982d2bb740eff675871638b306fae8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: venmo.com
:scheme: https
:path: /u/theoldstill
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 30 Jun 2021 07:00:05 GMT
cache-control: no-cache
content-encoding: gzip
set-cookie: v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067; Max-Age=157680000; Domain=venmo.com; Path=/; Expires=Mon, 29 Jun 2026 07:00:05 GMT; Secure
x-envoy-upstream-service-time: 137
x-frame-options: SAMEORIGIN
x-powered-by: Express
strict-transport-security: max-age=31536000 max-age=31536000
server: Venmo
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
etag: W/"3d34-kPRLGmLuIYpYcRlLqmDFKjFPH/8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 6-LYYimE5YIOXu4L5d1C8bLtL5e7qRYjcKV46htF_zg5rq0KCbDE_g==

Redirect headers

content-type: text/html
content-length: 178
location: https://venmo.com/u/theoldstill
date: Wed, 30 Jun 2021 07:00:04 GMT
server: Venmo
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lXwDHgjN_GlFGQlX-H-Q61RqX-MeID9LcEedQdp1e9tUyERjob1OnQ==

GET
H2 200 webapp.a4fcfb07852db58b73b8.compiled.css
venmo.com/build/stylesheets/ 247 KB
59 KB 400ms
399ms Stylesheet
text/css 65.9.77.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://venmo.com/build/stylesheets/webapp.a4fcfb07852db58b73b8.compiled.css

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Venmo /

Resource Hash

b333cdec633637454219b61174786d674cf10d03095ec07e41a47f52b0b612de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /build/stylesheets/webapp.a4fcfb07852db58b73b8.compiled.css
pragma: no-cache
cookie: v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: venmo.com
referer: https://venmo.com/u/theoldstill
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://venmo.com/u/theoldstill
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 07:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:44:29 GMT
server: Venmo
x-frame-options: SAMEORIGIN
etag: W/"3da17-17a2ed0ba48"
strict-transport-security: max-age=31536000 max-age=31536000
content-type: text/css; charset=UTF-8
via: 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
set-cookie: v_id=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067; Max-Age=157680000; Domain=venmo.com; Path=/; Expires=Mon, 29 Jun 2026 07:00:05 GMT; Secure
accept-ranges: bytes
x-amz-cf-id: TKSNJ8d8ZeFNW8XJNYfi4aIUDTy4f_fXDh_V0R89Dr8tFLidkx1c8w==

GET
H2 200 error.png
venmo.com/build/images/bizprofile/ 286 KB
287 KB 416ms
415ms Image
image/png 65.9.77.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venmo.com/build/images/bizprofile/error.png

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Venmo /

Resource Hash

a86e4f20bbdc8b5b506c2771c6ef8a28d3ff6fd4bfbfb92e14f56d3c6de897a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /build/images/bizprofile/error.png
pragma: no-cache
cookie: v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: venmo.com
referer: https://venmo.com/u/theoldstill
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://venmo.com/u/theoldstill
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 07:00:05 GMT
via: 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 10
strict-transport-security: max-age=31536000 max-age=31536000
content-length: 292938
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:42:59 GMT
server: Venmo
etag: W/"4784a-17a2ecf5ab8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
set-cookie: v_id=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067; Max-Age=157680000; Domain=venmo.com; Path=/; Expires=Mon, 29 Jun 2026 07:00:05 GMT; Secure
accept-ranges: bytes
x-amz-cf-id: 6sojIBaSzbL0PW-09J3ecoexC76lGD8HdO7vzkcagwwi4g2XpkyDIg==

GET
H2 200 apple-app-store.png
venmo.com/build/images/ 42 KB
42 KB 423ms
423ms Image
image/png 65.9.77.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venmo.com/build/images/apple-app-store.png

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Venmo /

Resource Hash

622cd21a484947d7e042e5e581b569a88745c099ec42122427ef7be1aff44f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /build/images/apple-app-store.png
pragma: no-cache
cookie: v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: venmo.com
referer: https://venmo.com/u/theoldstill
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://venmo.com/u/theoldstill
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 07:00:05 GMT
via: 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=31536000 max-age=31536000
content-length: 42556
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:42:59 GMT
server: Venmo
etag: W/"a63c-17a2ecf5ab8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
set-cookie: v_id=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067; Max-Age=157680000; Domain=venmo.com; Path=/; Expires=Mon, 29 Jun 2026 07:00:05 GMT; Secure
accept-ranges: bytes
x-amz-cf-id: ldVig_R_5eiR51PmCw8GYZ81aLa5LxB_P1khFKls8wKIdTP5AUXKHw==

GET
H2 200 google-play-badge.png
venmo.com/build/images/ 18 KB
18 KB 476ms
476ms Image
image/png 65.9.77.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venmo.com/build/images/google-play-badge.png

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Venmo /

Resource Hash

14a7270311e1c00220cb6f4a7358328c11339b7b30a3ddaadcc3626d05a6b058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /build/images/google-play-badge.png
pragma: no-cache
cookie: v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: venmo.com
referer: https://venmo.com/u/theoldstill
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://venmo.com/u/theoldstill
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 07:00:05 GMT
via: 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=31536000 max-age=31536000
content-length: 18215
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:42:59 GMT
server: Venmo
etag: W/"4727-17a2ecf5ab8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000
set-cookie: v_id=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067; Max-Age=157680000; Domain=venmo.com; Path=/; Expires=Mon, 29 Jun 2026 07:00:05 GMT; Secure
accept-ranges: bytes
x-amz-cf-id: wTtc2AUQ2Gzxbyqg7lX_7GHlxlrvpT-5Pl8lTy-n4ZPwKFGevx_P5Q==

GET
H2 200 webapp.a4fcfb07852db58b73b8.min.js Show response
venmo.com/build/js/ 3 MB
1 MB 703ms
703ms Script
application/javascript 65.9.77.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://venmo.com/build/js/webapp.a4fcfb07852db58b73b8.min.js

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Venmo /

Resource Hash

d9d4c972975b5621345445693a251e73a8d5485bfd8ef2acff04e147ce873d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://venmo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: script
cookie: v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067
:path: /build/js/webapp.a4fcfb07852db58b73b8.min.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: venmo.com
referer: https://venmo.com/u/theoldstill
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://venmo.com
Referer: https://venmo.com/u/theoldstill
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 07:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Jun 2021 13:44:29 GMT
server: Venmo
x-frame-options: SAMEORIGIN
etag: W/"2dbe9a-17a2ed0ba48"
strict-transport-security: max-age=31536000 max-age=31536000
content-type: application/javascript; charset=UTF-8
via: 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
set-cookie: v_id=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT v_id=fp01-de749a5b-b7f3-484f-88a1-4ec15e25b067; Max-Age=157680000; Domain=venmo.com; Path=/; Expires=Mon, 29 Jun 2026 07:00:05 GMT; Secure
accept-ranges: bytes
x-amz-cf-id: 1MgWJJ9B_luARkVch1KHtVA7X83-6dr6Jhna9e5KPDSG620cQcS2wA==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

925f94e0b36b60ddffc61d2482ee57d778e39c10c05cb7f81e633222542d3cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /v/XrhvM6KpWqLw95yQqgg==
cross-origin-resource-policy: cross-origin
expires: Wed, 30 Jun 2021 07:13:37 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: LqMku5c+pRGxujLTfPHKezTnioD6zm4xIge+gfgz6NAbGTlHIXgQIg/Yl+2jCEsuAXwInJzz4nHP49AjM+v3MQ==
x-fb-trip-id: 686109401
x-fb-content-md5: dff5eacb92f6b658d11e3ed313449bbd
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Wed, 30 Jun 2021 07:00:05 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "613d93cb8992c28e4c09db217f6ed786"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5300
date: Wed, 30 Jun 2021 05:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 30 Jun 2021 07:31:45 GMT

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/ 192 KB
50 KB 58ms
15ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Requested by: Host: venmo.com
URL: https://venmo.com/u/theoldstill
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: cccd5c7c8277904517399addf6c5dc391be2d3902c69c53b5a776063052f8e0d

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 07:00:05 GMT
via: 1.1 varnish, 1.1 varnish
age: 2641
x-origin-name: fastlyshield--shield_ssl_cache_dca17747_DCA
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-encoding: gzip
content-length: 51208
x-served-by: cache-dca17747-DCA, cache-hhn4080-HHN
server: Kestrel
x-timer: S1625036406.797836,VS0,VE1
vary: Accept, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 30 Jun 2021 07:16:04 GMT

GET
H/1.1 200
OK tracker.js Show response
d2zah9y47r7bi2.cloudfront.net/releases/current/ 26 KB
9 KB 60ms
18ms Script
application/javascript 65.9.84.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Requested by: Host: venmo.com
URL: https://venmo.com/u/theoldstill
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
Content-Encoding: gzip
ETag: W/"160874c6a444216fd269e7e0e2370aa7"
Age: 70172
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-meta-content-type: application/javascript
Connection: keep-alive
Last-Modified: Thu, 13 Sep 2018 19:10:28 GMT
Server: AmazonS3
Date: Tue, 29 Jun 2021 11:30:34 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 682270ef163d219cc7a50d1af232b97f.cloudfront.net (CloudFront)
Cache-Control: s-max-age=3600, max-age=604800, public
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: UfZgIFplrILSruzoeOqhgjunfNcY23n8Oc0WAfBUt7Ej5pu5w6h-xQ==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 77 KB
24 KB 145ms
62ms Script
application/javascript 65.9.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: venmo.com
URL: https://venmo.com/u/theoldstill
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08f3e34b28a84c785756f64d1a67e1f2e3fb699a912778307c9c82ca8a7854ec

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yIECkJfb4Bg_cnYW92drvj4oXqvw.jaB
content-encoding: gzip
etag: W/"ffcb0e0b2803bb723d47f9beaf69f997"
x-amz-request-id: 78K2MRQCHQHHDTM7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: u4nL+FVwdGsasHmHGUJWut2GNFwVn9V7C3YQUscPw683QziQZ6K89mptAR6Mt+s3qK6syKbvq90=
last-modified: Thu, 24 Jun 2021 13:07:30 GMT
server: AmazonS3
date: Tue, 29 Jun 2021 13:47:52 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: gBSaaUYcaP3HWVkeWDiEJNZevU5uJ2ezNdRAb45eMHBSfOaJGYlYaQ==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 201846346a7e06da7554b4ecd99f14bdbb011257abf42bc61bdaa8a91f122fff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 252 KB
74 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ea504b9504ad89a00897d71c76023add

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19843697fbc5874f0b48b452ad0f6174f39d48f89933ceccf16050b997a6fa0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://venmo.com
Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Yt6LaaW7NCySArHbpHa60g==
cross-origin-resource-policy: cross-origin
expires: Thu, 30 Jun 2022 05:33:35 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75451
x-fb-rlafr: 0
x-fb-debug: ini2gafFlsPx1FuYNHCk+TUzaxvPnIMMWV77QipG16m/sZYORx3+2o8s6lKuYUq/DfAzjrKWuDrY0oQSj6PuHA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: a8ef49fd8175434d6a427de4d0f0746f
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Jun 2021 07:00:05 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d641908a40fd50e632d98f3dc709001f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1879329126&t=pageview&_s=1&dl=https%3A%2F%2Fvenmo.com%2Fu%2Ftheoldstill&ul=en-us&de=UTF-8&dt=Venmo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=68901032&gjid=1594756949&cid=1766735758.1625036406&tid=UA-15492939-15&_gid=717550946.1625036406&_r=1&_slc=1&z=933192931

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 07:00:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://venmo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ 0
0 71ms
6ms Preflight 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Server

2a04:4e42:3::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Origin: https://venmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type,x-mp-key
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Wed, 30 Jun 2021 07:00:05 GMT
via: 1.1 varnish
age: 788
x-served-by: cache-fra19164-FRA
x-cache: HIT
x-cache-hits: 76
x-timer: S1625036406.900949,VS0,VE0
strict-transport-security: max-age=900

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 58ms
22ms Script
application/javascript 65.9.84.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Origin: https://venmo.com
Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 15:36:57 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 14570588
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via: 1.1 f54d9ad301a95e7dcfde675e1cd5ba89.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: VrYzALYHID1QBdcYsYZlmcCk-aIxWLloPmP6jv8ytwOTtscgcToWwA==

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 175 B
295 B 117ms
117ms XHR
application/json 2a04:4e42:3::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bd8474ab4ff3c52c5b4d1f512a2880836dc54b09bd51a199658138526fb84c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: 40433222e815b743853a4bb6b7a86058
Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Jun 2021 07:00:06 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1625036406.907396,VS0,VE111
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra19164-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=900
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 42ms
29ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=180347063770&input_token&origin=1&redirect_uri=https%3A%2F%2Fvenmo.com%2Fu%2Ftheoldstill&sdk=joey&wants_cookie_data=false

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: DE6ywwA6g3HgfADIAKRE85EqrVHBHm386ZfzmkbMo8BAmjy0m/sIBYyK22XKfZLiclwuJW+7Q7zQUtis0vy5hQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Jun 2021 07:00:05 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://venmo.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-15492939-15&cid=1766735758.1625036406&jid=68901032&gjid=1594756949&_gid=717550946.1625036406&_u=YEBAAEAAAAAAAC~&z=1812142701

Requested by

Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Jun 2021 07:00:05 GMT
content-type: text/plain
access-control-allow-origin: https://venmo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 16ms
15ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-15492939-15&cid=1766735758.1625036406&jid=68901032&_u=YEBAAEAAAAAAAC~&z=994468368

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 07:00:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-15492939-15&cid=1766735758.1625036406&jid=68901032&_u=YEBAAEAAAAAAAC~&z=994468368

Requested by

Host: venmo.com
URL: https://venmo.com/u/theoldstill

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Jun 2021 07:00:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1075/ 0
28 KB 24ms
23ms Other
application/javascript 65.9.77.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1075/link-dynamic-loader.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hj.LCjlmBu4LbyLfjLXM5KnrAfpO_u0s
content-encoding: gzip
etag: W/"695a60b21687f203d20a1dc932bd56df"
age: 33506
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 24 Jun 2021 13:07:30 GMT
server: AmazonS3
date: Tue, 29 Jun 2021 21:41:40 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: XjNF_ylHesaGmcaN7WpwC7O-9GvgEHmX0OHlAvSmuvsdNedShBdHRA==

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/40433222e815b743853a4bb6b7a86058/ 41 B
293 B 45ms
14ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/40433222e815b743853a4bb6b7a86058/Events
Requested by: Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 0e656d5cc25c9969be3052712ba2833bf5548ff4b379422a5889403c7616fe76

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 30 Jun 2021 07:00:06 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1625036406.078975,VS0,VE2
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

POST
H2 202 Events Show response
jssdks.mparticle.com/v2/JS/40433222e815b743853a4bb6b7a86058/ 41 B
119 B 45ms
15ms XHR
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v2/JS/40433222e815b743853a4bb6b7a86058/Events
Requested by: Host: d2zah9y47r7bi2.cloudfront.net
URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 0e656d5cc25c9969be3052712ba2833bf5548ff4b379422a5889403c7616fe76

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 30 Jun 2021 07:00:06 GMT
content-encoding: gzip
server: Kestrel
x-timer: S1625036406.078955,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by: cache-hhn4051-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 327ms
108ms Image
image/gif 138.197.155.84
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=42f77a0fdea14510acb1a4afce90f71d&correlationId=3d69ab98-f846-4949-ad77-787ad02bfbf2&application=shabu&x=33cf106a-0557-49df-9cc3-9f901c6e4134&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.197.155.84 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prd-usage-1.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://venmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 07:00:06 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.venmo.com/	1970-01-20 04:09:32	Name: mprtcl-v4_068342D6 Value: {'gs':{'csm':'WyI0NzAxMDcyNDkwMTc4Nzk1Mjc3Il0='\|'sid':'AE41AC19-CBE1-4661-98C4-3F9FA58F5C46'\|'ie':1\|'dt':'40433222e815b743853a4bb6b7a86058'\|'les':1625036405832\|'cgid':'17d690eb-94a3-4cbc-8793-f7bf1ec5581b'\|'das':'b186e990-4c53-4d6e-b742-f1ec33083256'\|'ssd':1625036405830}\|'cu':'4701072490178795277'\|'l':0}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js(Line 13) Message: A user identification type of customerId was selected in mParticle dashboard, but was not passed to the identity call. Please check your implementation.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.amplitude.com
cdn.plaid.com
connect.facebook.net
d2zah9y47r7bi2.cloudfront.net
identity.mparticle.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
stats.g.doubleclick.net
usage.trackjs.com
venmo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.venmo.com
138.197.155.84
143.204.98.81
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:3::645
2a04:4e42:400::645
65.9.77.19
65.9.77.30
65.9.84.191
65.9.84.20
08f3e34b28a84c785756f64d1a67e1f2e3fb699a912778307c9c82ca8a7854ec
0e656d5cc25c9969be3052712ba2833bf5548ff4b379422a5889403c7616fe76
14a7270311e1c00220cb6f4a7358328c11339b7b30a3ddaadcc3626d05a6b058
19843697fbc5874f0b48b452ad0f6174f39d48f89933ceccf16050b997a6fa0b
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
201846346a7e06da7554b4ecd99f14bdbb011257abf42bc61bdaa8a91f122fff
622cd21a484947d7e042e5e581b569a88745c099ec42122427ef7be1aff44f0e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
807b595e873e719b5d134af63e03dce4982d2bb740eff675871638b306fae8b0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
925f94e0b36b60ddffc61d2482ee57d778e39c10c05cb7f81e633222542d3cbd
a86e4f20bbdc8b5b506c2771c6ef8a28d3ff6fd4bfbfb92e14f56d3c6de897a7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d
b333cdec633637454219b61174786d674cf10d03095ec07e41a47f52b0b612de
bd8474ab4ff3c52c5b4d1f512a2880836dc54b09bd51a199658138526fb84c93
cccd5c7c8277904517399addf6c5dc391be2d3902c69c53b5a776063052f8e0d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9d4c972975b5621345445693a251e73a8d5485bfd8ef2acff04e147ce873d6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

venmo.com Open in urlscan Pro 65.9.77.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

63 %IPv6

12 Domains

15 Subdomains

16 IPs

4 Countries

1691 kBTransfer

4194 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

venmo.com Open in urlscan Pro
65.9.77.19 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

63 %
IPv6

12
Domains

15
Subdomains

16
IPs

4
Countries

1691 kB
Transfer

4194 kB
Size

1
Cookies

24 HTTP transactions
1 data transactions