share.starbucks.com Open in urlscan Pro
3.92.116.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://share.starbucks.com/
Effective URL:
https://share.starbucks.com/
Submission: On December 02 via api (December 2nd 2022, 7:15:48 am UTC) from US — Scanned from US

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 3.92.116.238, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is share.starbucks.com.
TLS certificate: Issued by R3 on October 30th 2022. Valid for: 3 months.

This is the only time share.starbucks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.209.142.208 18.209.142.208	14618 (AMAZON-AES) (AMAZON-AES)
4	3.92.116.238 3.92.116.238	14618 (AMAZON-AES) (AMAZON-AES)
9	2600:141b:f00... 2600:141b:f000:4a2::10f5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:141b:f00... 2600:141b:f000:484::10f5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	3

1 18.209.142.208 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-142-208.compute-1.amazonaws.com

share.starbucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.92.116.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-116-238.compute-1.amazonaws.com

share.starbucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:141b:f000:4a2::10f5 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

origin.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-7.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-0.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-3.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:f000:484::10f5 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

origin-2.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
origin-4.xtlo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	xtlo.net origin.xtlo.net — Cisco Umbrella Rank: 19223 origin-7.xtlo.net — Cisco Umbrella Rank: 172795 origin-0.xtlo.net — Cisco Umbrella Rank: 383318 origin-3.xtlo.net — Cisco Umbrella Rank: 355568 origin-2.xtlo.net — Cisco Umbrella Rank: 370588 origin-4.xtlo.net — Cisco Umbrella Rank: 20926	404 KB
5	starbucks.com 1 redirects share.starbucks.com	23 KB
15	2

	Domain	Requested by
5	share.starbucks.com	1 redirects share.starbucks.com
4	origin.xtlo.net	share.starbucks.com origin.xtlo.net
2	origin-3.xtlo.net	share.starbucks.com
2	origin-0.xtlo.net	share.starbucks.com
1	origin-4.xtlo.net	share.starbucks.com
1	origin-2.xtlo.net	share.starbucks.com
1	origin-7.xtlo.net	share.starbucks.com
15	7

This site contains links to these domains. Also see Links.

Domain
www.starbucks.com
www.extole.com

Subject Issuer	Validity	Valid
share.starbucks.com R3	`2022-10-30` - `2023-01-28`	3 months	crt.sh
media.extole.com GeoTrust RSA CA 2018	`2022-07-25` - `2023-07-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://share.starbucks.com/
Frame ID: A075F469A44B5518093B39B2A4E65DDF
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Starbucks Referral Program

Page URL History Show full URLs

http://share.starbucks.com/ HTTP 301
https://share.starbucks.com/ Page URL

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

7
Subdomains

3
IPs

1
Countries

427 kB
Transfer

496 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.starbucks.com/terms/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.extole.com/powered-by-extole/
Title: Powered by Extole

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://share.starbucks.com/ HTTP 301
https://share.starbucks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
share.starbucks.com/
Redirect Chain

http://share.starbucks.com/
https://share.starbucks.com/

22 KB
5 KB

498ms
128ms

Document
text/html

3.92.116.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://share.starbucks.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.92.116.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-116-238.compute-1.amazonaws.com

Software

Extole /

Resource Hash

03bf00a8a4a25a889ddf85681af1c81dc141ccfa3570e0ae69c5777863730dad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.extole.com frame-ancestors https://.extole.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://.extole.com ALLOW-FROM https://.extole.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-expose-headers: X-Extole-Token
content-encoding: gzip
content-length: 4694
content-security-policy: frame-ancestors https://*.extole.com frame-ancestors https://*.extole.com
content-type: text/html;charset=UTF-8
date: Fri, 02 Dec 2022 07:15:30 GMT
p3p: CP="Please see our privacy policy"
server: Extole
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-extole-token: DKU23K400ITO7S8C0EGFJ80CU0
x-frame-options: ALLOW-FROM https://*.extole.com ALLOW-FROM https://*.extole.com

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Access-Control-Expose-Headers: X-Extole-Token
Connection: keep-alive
Content-Length: 0
Date: Fri, 02 Dec 2022 07:15:29 GMT
Location: https://share.starbucks.com/
P3P: CP="Please see our privacy policy"
Server: Extole
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin

GET
H/1.1 200
OK sodo-sans.css
origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/ 14 KB
1 KB 588ms
44ms Stylesheet
text/css 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/sodo-sans.css
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: bbbcd74897e9eff912d826843b729f80990435c8d79d0f09d74550207079f1d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://share.starbucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:58 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591958
Connection: keep-alive
Content-Length: 750

GET
H2 200 core.js Show response
share.starbucks.com/ 48 KB
16 KB 255ms
74ms Script
application/javascript 3.92.116.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://share.starbucks.com/core.js

Requested by

Host: share.starbucks.com
URL: https://share.starbucks.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.92.116.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-116-238.compute-1.amazonaws.com

Software

Extole /

Resource Hash

a696f739dff92aa69ea8801eaee6406702a7cff57f604a82feaa3e47242d13da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://share.starbucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:15:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Extole
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/javascript
p3p: CP="Please see our privacy policy"
access-control-expose-headers: X-Extole-Token
cache-control: no-transform, max-age=3600
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE

GET
H/1.1 200
OK Screen_Shot_2022-07-06_at_4_42_09_PM_1657143747016.png
origin.xtlo.net/type=creativeArchive:clientId=1361644894:creativeArchiveId=7148093460335946784:version=23:coreAssetsVersion=98/images/ 323 KB
322 KB 746ms
83ms Image
image/png 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.xtlo.net/type=creativeArchive:clientId=1361644894:creativeArchiveId=7148093460335946784:version=23:coreAssetsVersion=98/images/Screen_Shot_2022-07-06_at_4_42_09_PM_1657143747016.png
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: d1cd965e49bca92cba587fa42e92dfde0348aa61eba241d9767c5488f652d6c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://share.starbucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 17:34:55 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591967
Connection: keep-alive
Content-Length: 329048

GET
H/1.1 200
OK sodosans-bold.woff
origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/ 36 KB
37 KB 720ms
59ms Font
application/x-font-woff 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/sodosans-bold.woff
Requested by: Host: origin.xtlo.net
URL: https://origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/sodo-sans.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: d48c177bd74af2c463702ece1fd2bc946327b2a7149ea09e0d2ce2449677e891

Request headers

Referer: https://origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/sodo-sans.css
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:58 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591916
Connection: keep-alive
Content-Length: 37151

GET
H/1.1 200
OK sodosans-regular.woff
origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/ 35 KB
36 KB 730ms
72ms Font
application/x-font-woff 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/sodosans-regular.woff
Requested by: Host: origin.xtlo.net
URL: https://origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/sodo-sans.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 488a1be9c1295a99be75ebb32d1f4cc253a8a98ec5b7d06d50081b6ea18164ad

Request headers

Referer: https://origin.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/media/sodo-sans.css
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:58 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591976
Connection: keep-alive
Content-Length: 36032

GET
H/1.1 200
OK MainView.js Show response
origin-7.xtlo.net/type=creativeArchive:clientId=1361644894:creativeArchiveId=7148093460335946784:version=23:coreAssetsVersion=98/js/ 1 KB
861 B 1029ms
44ms Script
application/javascript 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-7.xtlo.net/type=creativeArchive:clientId=1361644894:creativeArchiveId=7148093460335946784:version=23:coreAssetsVersion=98/js/MainView.js?site=share.starbucks.com
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 750f14cd512f49a4f9e835262ccf8865052eac01df29a6ca29014a962e5dcbbe

Request headers

Referer: https://share.starbucks.com/
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 17:34:55 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591938
Connection: keep-alive
Content-Length: 502

GET
H/1.1 200
OK user-service.js Show response
origin-0.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/ 6 KB
2 KB 1140ms
45ms Script
application/javascript 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-0.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/user-service.js?site=share.starbucks.com
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 3b624885461e50f32b6e2daf11e72af3b9248f763d2c00a577ff609bff238c3b

Request headers

Referer: https://share.starbucks.com/
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:58 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591956
Connection: keep-alive
Content-Length: 1893

GET
H/1.1 200
OK create-zone-builder.js Show response
origin-3.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/ 1 KB
937 B 1165ms
69ms Script
application/javascript 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-3.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/create-zone-builder.js?site=share.starbucks.com
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 7a9d02b2e6462fe59c19482f138c12d0e76cad437bbb137be3b484ac66ee8247

Request headers

Referer: https://share.starbucks.com/
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:58 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2592000
Connection: keep-alive
Content-Length: 578

GET
H/1.1 200
OK ElementControl.js Show response
origin-0.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/client/ 3 KB
1 KB 1151ms
56ms Script
application/javascript 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-0.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/client/ElementControl.js?site=share.starbucks.com
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 404f340fc37bbce0f9d67dfcccf5ee24ed9a38caf31aa315ceb1fad6f4a5b0ae

Request headers

Referer: https://share.starbucks.com/
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:58 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2592000
Connection: keep-alive
Content-Length: 1056

GET
H/1.1 200
OK view-state.js Show response
origin-2.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/client/ 1 KB
822 B 1158ms
66ms Script
application/javascript 2600:141b:f000:484::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-2.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/client/view-state.js?site=share.starbucks.com
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:484::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: c001778b3bf918d01b5ddbf1cb9a25bf39086606701024ec7480fab8cac8e056

Request headers

Referer: https://share.starbucks.com/
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:58 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591957
Connection: keep-alive
Content-Length: 463

GET
H/1.1 200
OK device-service.js Show response
origin-3.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/client/ 2 KB
1 KB 1164ms
72ms Script
application/javascript 2600:141b:f000:4a2::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-3.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/client/device-service.js?site=share.starbucks.com
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a2::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 730d05b6c843180c50fdc1c64f78044cd147e1729773abe7d620c6c9cd8146ec

Request headers

Referer: https://share.starbucks.com/
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:58 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591974
Connection: keep-alive
Content-Length: 846

GET
H/1.1 200
OK api.js Show response
origin-4.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/ 4 KB
2 KB 2006ms
64ms Script
application/javascript 2600:141b:f000:484::10f5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://origin-4.xtlo.net/type=core:clientId=1361644894:coreAssetsVersion=98/common/api.js?site=share.starbucks.com
Requested by: Host: share.starbucks.com
URL: https://share.starbucks.com/core.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:484::10f5 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Extole /
Resource Hash: 51d1c408acd3f6707b716aa1744bcf0f1e767eb6c1150fb5eca768a7c0fba1b8

Request headers

Referer: https://share.starbucks.com/
Origin: https://share.starbucks.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 07:15:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 07:14:59 GMT
Server: Extole
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, max-age=2591962
Connection: keep-alive
Content-Length: 1413

POST
H2 200 logs Show response
share.starbucks.com/api/v4/debug/ 43 B
602 B 563ms
0ms XHR
application/json 3.92.116.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://share.starbucks.com/api/v4/debug/logs

Requested by

Host: share.starbucks.com
URL: https://share.starbucks.com/core.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.92.116.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-116-238.compute-1.amazonaws.com

Software

Extole /

Resource Hash

12ab778fa6218a9096cd600179009b81d01098c60988028830b3a81141b3612e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://share.starbucks.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Dec 2022 07:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Extole
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://share.starbucks.com
access-control-expose-headers: X-Extole-Token
cache-control: no-cache
access-control-allow-credentials: true
p3p: CP="Please see our privacy policy"
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length: 63
expires: Fri, 02 Dec 2022 07:15:35 GMT

GET
H2 200 me Show response
share.starbucks.com/api/v4/ 274 B
796 B 887ms
0ms XHR
application/json 3.92.116.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://share.starbucks.com/api/v4/me

Requested by

Host: share.starbucks.com
URL: https://share.starbucks.com/core.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.92.116.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-116-238.compute-1.amazonaws.com

Software

Extole /

Resource Hash

b9ba5c51872285bc64f8aa5b4bdd3380318427fa841293a63bd52fa73f4e6280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://share.starbucks.com/
accept-language: en-US,en;q=0.9
x-extole-app: javascript_sdk
authorization: DKU23K400ITO7S8C0EGFJ80CU0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
content-type: application/json

Response headers

date: Fri, 02 Dec 2022 07:15:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Extole
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json
p3p: CP="Please see our privacy policy"
access-control-expose-headers: X-Extole-Token
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authentication,Authorization,X-CSRF-TOKEN,X-NONCE
content-length: 172
expires: Fri, 02 Dec 2022 07:15:35 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| extole

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.share.starbucks.com/	1970-01-20 16:38:21	Name: access_token Value: DKU23K400ITO7S8C0EGFJ80CU0
.share.starbucks.com/	1970-01-20 16:38:21	Name: xtl_bid Value: 7172446474218089795
share.starbucks.com/	1970-01-20 16:38:21	Name: extole_access_token Value: DKU23K400ITO7S8C0EGFJ80CU0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://.extole.com frame-ancestors https://.extole.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://.extole.com ALLOW-FROM https://.extole.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

origin-0.xtlo.net
origin-2.xtlo.net
origin-3.xtlo.net
origin-4.xtlo.net
origin-7.xtlo.net
origin.xtlo.net
share.starbucks.com
18.209.142.208
2600:141b:f000:484::10f5
2600:141b:f000:4a2::10f5
3.92.116.238
03bf00a8a4a25a889ddf85681af1c81dc141ccfa3570e0ae69c5777863730dad
12ab778fa6218a9096cd600179009b81d01098c60988028830b3a81141b3612e
3b624885461e50f32b6e2daf11e72af3b9248f763d2c00a577ff609bff238c3b
404f340fc37bbce0f9d67dfcccf5ee24ed9a38caf31aa315ceb1fad6f4a5b0ae
488a1be9c1295a99be75ebb32d1f4cc253a8a98ec5b7d06d50081b6ea18164ad
51d1c408acd3f6707b716aa1744bcf0f1e767eb6c1150fb5eca768a7c0fba1b8
730d05b6c843180c50fdc1c64f78044cd147e1729773abe7d620c6c9cd8146ec
750f14cd512f49a4f9e835262ccf8865052eac01df29a6ca29014a962e5dcbbe
7a9d02b2e6462fe59c19482f138c12d0e76cad437bbb137be3b484ac66ee8247
a696f739dff92aa69ea8801eaee6406702a7cff57f604a82feaa3e47242d13da
b9ba5c51872285bc64f8aa5b4bdd3380318427fa841293a63bd52fa73f4e6280
bbbcd74897e9eff912d826843b729f80990435c8d79d0f09d74550207079f1d6
c001778b3bf918d01b5ddbf1cb9a25bf39086606701024ec7480fab8cac8e056
d1cd965e49bca92cba587fa42e92dfde0348aa61eba241d9767c5488f652d6c8
d48c177bd74af2c463702ece1fd2bc946327b2a7149ea09e0d2ce2449677e891

share.starbucks.com Open in urlscan Pro 3.92.116.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

2 Domains

7 Subdomains

3 IPs

1 Countries

427 kBTransfer

496 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

share.starbucks.com Open in urlscan Pro
3.92.116.238 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

7
Subdomains

3
IPs

1
Countries

427 kB
Transfer

496 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions