app.starbucks.com Open in urlscan Pro
104.109.84.236  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

• https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=-8258231644419084144&esid=32522&Key=2689bb1f07a4544aa30798862ab1df07&env=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=-8258231644419084144&esid=32522&Key=2689bb1f07a4544aa30798862ab1df07&env=2&google_tc= HTTP 302
• https://cookiesync.mparticle.com/v1/sync/?id=CAESEHfSha2nJpUzkfguowmyTNA&MPID=-8258231644419084144&esid=32522&Key=2689bb1f07a4544aa30798862ab1df07&env=2&google_cver=1

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request cards Show response app.starbucks.com/	157 KB 51 KB	830ms 828ms	Document text/html	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 85bfabce6c229c8327037cfc4b6dc12f2ab3f023850e3df7b0d1b841b283cca6 Security Headers Name Value Content-Security-Policy default-src 'self' *.starbucks.com *.starbucksassets.com *.starbucks.ca; child-src 'self' *.starbucks.com *.starbucks.ca *.americanexpress.com *.chase.com *.doubleclick.net *.facebook.com *.mastercard.com *.optimizely.com *.paypal.com tr.snapchat.com *.qualtrics.com *.surveymonkey.com pixel.tapad.com *.trustarc.com prefmgr-cookie.truste-svc.net *.visa.com; connect-src 'self' ws: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.akamaihd.net *.akstat.io *.bing.com *.branch.io app.link *.doubleclick.net *.facebook.com *.go-mpulse.net *.google-analytics.com *.iesnare.com wss://mpsnare.iesnare.com *.mastercard.com *.mparticle.com *.nr-data.net *.optimizely.com *.paypal.com *.pinterest.com *.qualtrics.com https://thm.visa.com *.zeronaught.com; font-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca https://fonts.gstatic.com *.qualtrics.com *.trustarc.com; img-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.adsrvr.org *.agkn.com *.akamaihd.net *.bing.com *.demdex.net *.doubleclick.net *.facebook.com *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.gstatic.com *.kenshoo.com *.marinsm.com *.mparticle.com *.nr-data.net *.pinterest.com *.qualtrics.com https://bs.serving-sys.com *.surveymonkey.com pixel.tapad.com *.trustarc.com *.visa.com *.xg4ken.com; media-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.iesnare.com; object-src 'self' *.starbucks.com *.starbucks.ca https://thm.visa.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.starbucks.com *.starbucksassets.com *.starbucks.ca *.aexp-static.com https://s3.amazonaws.com *.akamaihd.net *.bing.com *.branch.io app.link *.chase.com *.doubleclick.net *.facebook.net *.go-mpulse.net *.google.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.iesnare.com *.kenshoo.com *.marinsm.com *.mastercard.com *.mparticle.com *.newrelic.com *.nr-data.net *.optimizely.com *.paypal.com *.pinimg.com *.qualtrics.com sc-static.net *.surveymonkey.com *.trustarc.com *.visa.com *.zeronaught.com *.xg4ken.com; style-src 'self' 'unsafe-inline' *.starbucks.com *.starbucksassets.com *.starbucks.ca *.google.com https://fonts.googleapis.com; report-uri /webhooks/csp-report Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :method GET :authority app.starbucks.com :scheme https :path /cards pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type text/html; charset=utf-8 x-correlation-id 5d31afd0-a564-4b05-b94e-6ff0fe38ba2c content-language en-US content-security-policy default-src 'self' *.starbucks.com *.starbucksassets.com *.starbucks.ca; child-src 'self' *.starbucks.com *.starbucks.ca *.americanexpress.com *.chase.com *.doubleclick.net *.facebook.com *.mastercard.com *.optimizely.com *.paypal.com tr.snapchat.com *.qualtrics.com *.surveymonkey.com pixel.tapad.com *.trustarc.com prefmgr-cookie.truste-svc.net *.visa.com; connect-src 'self' ws: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.akamaihd.net *.akstat.io *.bing.com *.branch.io app.link *.doubleclick.net *.facebook.com *.go-mpulse.net *.google-analytics.com *.iesnare.com wss://mpsnare.iesnare.com *.mastercard.com *.mparticle.com *.nr-data.net *.optimizely.com *.paypal.com *.pinterest.com *.qualtrics.com https://thm.visa.com *.zeronaught.com; font-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca https://fonts.gstatic.com *.qualtrics.com *.trustarc.com; img-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.adsrvr.org *.agkn.com *.akamaihd.net *.bing.com *.demdex.net *.doubleclick.net *.facebook.com *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.gstatic.com *.kenshoo.com *.marinsm.com *.mparticle.com *.nr-data.net *.pinterest.com *.qualtrics.com https://bs.serving-sys.com *.surveymonkey.com pixel.tapad.com *.trustarc.com *.visa.com *.xg4ken.com; media-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.iesnare.com; object-src 'self' *.starbucks.com *.starbucks.ca https://thm.visa.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.starbucks.com *.starbucksassets.com *.starbucks.ca *.aexp-static.com https://s3.amazonaws.com *.akamaihd.net *.bing.com *.branch.io app.link *.chase.com *.doubleclick.net *.facebook.net *.go-mpulse.net *.google.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.iesnare.com *.kenshoo.com *.marinsm.com *.mastercard.com *.mparticle.com *.newrelic.com *.nr-data.net *.optimizely.com *.paypal.com *.pinimg.com *.qualtrics.com sc-static.net *.surveymonkey.com *.trustarc.com *.visa.com *.zeronaught.com *.xg4ken.com; style-src 'self' 'unsafe-inline' *.starbucks.com *.starbucksassets.com *.starbucks.ca *.google.com https://fonts.googleapis.com; report-uri /webhooks/csp-report x-xss-protection 1; mode=block x-frame-options DENY strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-akamai-transformed 9 - 0 pmb=mRUM,2 date Tue, 15 Jun 2021 19:28:14 GMT vary Accept-Encoding set-cookie ux_exp_id=81a55331-3f06-4ba2-803b-793d9528eea6; Max-Age=31557600; Domain=.starbucks.com; Path=/; Expires=Thu, 16 Jun 2022 01:28:13 GMT; Secure; SameSite=Lax s_check=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT TS013067a9=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; Path=/ TS01d169da=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; path=/; domain=.starbucks.com AKA_A2=A; expires=Tue, 15-Jun-2021 20:28:14 GMT; path=/; domain=starbucks.com; secure; HttpOnly akacd_red_black=3801238092~rv=22~id=d474c906e5623365b4c940e63f73f33f; path=/;; Secure; SameSite=None server-timing cdn-cache; desc=REVALIDATE edge; dur=284 origin; dur=465 link <https://www.googletagmanager.com>;rel="preconnect",<https://bat.bing.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://jssdkcdns.mparticle.com>;rel="preconnect",<https://resources.xg4ken.com>;rel="preconnect" x-content-type-options nosniff
GET H2	200	vendor2.js Show response app.starbucks.com/vendor/static/	7 KB 4 KB	513ms 482ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/vendor/static/vendor2.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 9b49904bc1f8ccc65e2709f4e2b8d11cd7e7cfddd458ef1a06febeaa72240550 Security Headers Name Value X-Content-Type-Options nosniff Request headers :path /vendor/static/vendor2.js pragma no-cache cookie ux_exp_id=81a55331-3f06-4ba2-803b-793d9528eea6; TS013067a9=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; TS01d169da=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; AKA_A2=A; akacd_red_black=3801238092~rv=22~id=d474c906e5623365b4c940e63f73f33f accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority app.starbucks.com referer https://app.starbucks.com/cards :scheme https sec-fetch-site same-origin :method GET Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache no-cache date Tue, 15 Jun 2021 19:28:14 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-type application/javascript; charset=UTF-8 set-cookie tiWQK2tY=AP9KJRF6AQAADzJkuYm3cEcCQAHgMLUhJEqkTm37E0iqKYPhqk7RJ0la2Rot|1|0|488674479c513662e9414a35c47decd74ba905c4; Path=/; Max-Age=31556952; Domain=starbucks.com TS013067a9=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; Path=/ TS01a8932d=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; path=/; domain=starbucks.com cache-control no-cache, no-store, must-revalidate no-cache, no-store, must-revalidate server-timing cdn-cache; desc=MISS edge; dur=375 origin; dur=70 content-length 3329 expires 0 0
GET H2	200	patternLib.854b19e4136c8ead32ad.css app.starbucks.com/weblx/static/	103 KB 12 KB	4ms 0ms	Stylesheet text/css	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 01109df1dbe26364369e81b1fca72d4c666371e2c4bd6d9d2c52076b3693e58b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-2dcf" x-frame-options DENY content-type text/css x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 11727 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	shared.f2b0d2c21dcdacfc57d4.css app.starbucks.com/weblx/static/	23 KB 6 KB	6ms 0ms	Stylesheet text/css	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/shared.f2b0d2c21dcdacfc57d4.css Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 553d6970835732ee74e6c2a01cd16a1ffbe674e9ec65d5b61c028161abf56eef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-15c7" x-frame-options DENY content-type text/css x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 5575 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	notice Show response consent.trustarc.com/	12 KB 5 KB	53ms 48ms	Script text/javascript	13.224.195.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/notice?domain=app.starbucks.com&gtm=1&ostype=mobile&pcookie&oc=1&c=teconsent&text=true&js=nj&noticeType=bb&pn=1&country=us Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.195.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-195-72.fra2.r.cloudfront.net Software nginx / Resource Hash f2444f4c2f0125f9d407c312ea4b2473ef3b7335501fd661c7fd44380f5eb1a7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 18:32:28 GMT content-encoding gzip x-content-type-options nosniff age 3346 x-cache Hit from cloudfront cloudfront-viewer-country FR content-length 4663 x-xss-protection 1; mode=block timing-allow-origin * access-control-allow-origin * server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/javascript;charset=UTF-8 via 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA2-C1 cloudfront-viewer-country-region IDF x-amz-cf-id CAFrk1aSC8U16f5Po2sfT88GjPG_Uw8_RpLL4OZQlhfXw3xluGvw2Q== expires Tue, 15 Jun 2021 19:32:28 GMT
GET H2	200	manifest.850e7bd6b7ae88074747.js Show response app.starbucks.com/weblx/static/	7 KB 3 KB	7ms 0ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/manifest.850e7bd6b7ae88074747.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 315ac174295e0a9043c1c3adfefc8a85a5294fb380d0a4f6fa664a4ce3e3cef8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-9f3" x-frame-options DENY content-type application/javascript x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 2547 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	vendor.67cb5184c7d285e7a9e9.chunk.js Show response app.starbucks.com/weblx/static/	215 KB 55 KB	7ms 0ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/vendor.67cb5184c7d285e7a9e9.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash ec5cd854d84279c3f899ab2e33a079c31b238dc3b7114ada95427bf4abfef28b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-d96e" x-frame-options DENY content-type application/javascript x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 55662 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	react.27c2591157e2e0349a22.chunk.js Show response app.starbucks.com/weblx/static/	195 KB 51 KB	16ms 0ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/react.27c2591157e2e0349a22.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 19e88fef3baf548034996886760bd06f9d79eb48f4aeaa39a62779dbfcc34937 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-cb94" x-frame-options DENY content-type application/javascript x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 52116 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	optimizely.be63abc2d43c838d23f6.chunk.js Show response app.starbucks.com/weblx/static/	107 KB 21 KB	16ms 0ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/optimizely.be63abc2d43c838d23f6.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash d5edc695afb4e3c98eedfd254a7e68efb07396e1c1b3f3a857d0ab42dfdcd4c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-5481" x-frame-options DENY content-type application/javascript x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 21633 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	patternLib.fccdf6a2b5b839f5e6e4.chunk.js Show response app.starbucks.com/weblx/static/	372 KB 70 KB	17ms 0ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/patternLib.fccdf6a2b5b839f5e6e4.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash f5debc1a67f4020009f58650260705849e31d99248fa87f93a265b41067b0b0d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-116d2" x-frame-options DENY content-type application/javascript x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 71378 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	shared.466ee8cbd20a5a7161aa.chunk.js Show response app.starbucks.com/weblx/static/	245 KB 57 KB	25ms 0ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/shared.466ee8cbd20a5a7161aa.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 8c7972daeb27c9c408fca9b93fc8819fc8df3e6506a486dc47a060a9bdb61e46 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-e1c7" x-frame-options DENY content-type application/javascript x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 57799 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	lodash.75e6bc87e2253b917fb2.chunk.js Show response app.starbucks.com/weblx/static/	139 KB 35 KB	27ms 0ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/lodash.75e6bc87e2253b917fb2.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 7b1dd592d673075cf7d998e32a241cc6a080a5b352738d9bdaec1681b549d6ec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-8a65" x-frame-options DENY content-type application/javascript x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 35429 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:07:19 GMT
GET H2	200	coreApp.a5ff66daee15b791bfd8.chunk.js Show response app.starbucks.com/weblx/static/	259 KB 57 KB	84ms 47ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/coreApp.a5ff66daee15b791bfd8.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 3c80803a94fd5214688e417ecb1b352f515ddce3940085bfe2628c869a1c91f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag "60c37a92-e26d" x-frame-options DENY content-type application/javascript x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 57965 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:21:40 GMT
GET H2	200	vendor2.js Show response app.starbucks.com/vendor/static/	185 KB 103 KB	377ms 376ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 5310f9a6a55dacc5500fb0c014446fa13598c4ccd996d6369b302cab574c7002 Security Headers Name Value X-Content-Type-Options nosniff Request headers :path /vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q pragma no-cache cookie tiWQK2tY=AP9KJRF6AQAADzJkuYm3cEcCQAHgMLUhJEqkTm37E0iqKYPhqk7RJ0la2Rot|1|0|488674479c513662e9414a35c47decd74ba905c4; TS013067a9=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; TS01a8932d=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority app.starbucks.com referer https://app.starbucks.com/cards :scheme https sec-fetch-site same-origin :method GET Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:28:15 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding content-type application/javascript; charset=UTF-8 set-cookie akacd_red_black=3801238093~rv=8~id=525d1a44ed7b19455c31fd444e890d9e; path=/;; Secure; SameSite=None cache-control public, max-age=3600, immutable public, max-age=3600, immutable server-timing cdn-cache; desc=MISS edge; dur=267 origin; dur=70
GET H2	200	coreApp.c5fdc04dc1c1c1ce258e.css app.starbucks.com/weblx/static/	6 KB 2 KB	1ms 0ms	Stylesheet text/css	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/coreApp.c5fdc04dc1c1c1ce258e.css Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 1a06ffe602d8cad2319ada735d663cf31ea8e8ee20b69ad25e5e71a7fa3f1aaa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Mon, 07 Jun 2021 21:39:50 GMT cache-control max-age=31536000 etag "60be9226-7ce" x-frame-options DENY content-type text/css x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=1 content-length 1998 x-xss-protection 1; mode=block expires Fri, 10 Jun 2022 06:09:52 GMT
GET H2	200	a04d3c474ae54100589fa362d8f6db2a.woff app.starbucks.com/weblx/static/	36 KB 36 KB	47ms 46ms	Font font/woff	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/a04d3c474ae54100589fa362d8f6db2a.woff Requested by Host: app.starbucks.com URL: https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 3985c3a1e01219a0d0b35015ee6d55de1d22313935a155dfaa014fd3b9f2f85b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors origin https://app.starbucks.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie tiWQK2tY=AP9KJRF6AQAADzJkuYm3cEcCQAHgMLUhJEqkTm37E0iqKYPhqk7RJ0la2Rot|1|0|488674479c513662e9414a35c47decd74ba905c4; TS013067a9=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; TS01a8932d=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; akacd_red_black=3801238093~rv=8~id=525d1a44ed7b19455c31fd444e890d9e :path /weblx/static/a04d3c474ae54100589fa362d8f6db2a.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority app.starbucks.com referer https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css :scheme https sec-fetch-site same-origin :method GET Origin https://app.starbucks.com Referer https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT etag "60c37a92-8ec4" x-frame-options DENY content-type font/woff cache-control max-age=31536000 date Tue, 15 Jun 2021 19:28:15 GMT server-timing cdn-cache; desc=HIT edge; dur=1 accept-ranges bytes content-length 36548 x-xss-protection 1; mode=block expires Mon, 13 Jun 2022 21:06:34 GMT
GET H2	200	9072643e9f07efac73cc4b79a2b55d7c.woff app.starbucks.com/weblx/static/	37 KB 37 KB	54ms 53ms	Font font/woff	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/9072643e9f07efac73cc4b79a2b55d7c.woff Requested by Host: app.starbucks.com URL: https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 87221f4168a0c74bb086b412a20d814ace5a7d0c93c2a27c907fe1cdc15bd504 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors origin https://app.starbucks.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie tiWQK2tY=AP9KJRF6AQAADzJkuYm3cEcCQAHgMLUhJEqkTm37E0iqKYPhqk7RJ0la2Rot|1|0|488674479c513662e9414a35c47decd74ba905c4; TS013067a9=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; TS01a8932d=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; akacd_red_black=3801238093~rv=8~id=525d1a44ed7b19455c31fd444e890d9e :path /weblx/static/9072643e9f07efac73cc4b79a2b55d7c.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority app.starbucks.com referer https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css :scheme https sec-fetch-site same-origin :method GET Origin https://app.starbucks.com Referer https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT etag "60c37a92-9474" x-frame-options DENY content-type font/woff cache-control max-age=31536000 date Tue, 15 Jun 2021 19:28:15 GMT server-timing cdn-cache; desc=HIT edge; dur=1 accept-ranges bytes content-length 38004 x-xss-protection 1; mode=block expires Mon, 13 Jun 2022 21:06:34 GMT
GET H2	200	891bac4bf2cf726a4a3ccf8560d7c300.woff app.starbucks.com/weblx/static/	37 KB 37 KB	85ms 83ms	Font font/woff	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/891bac4bf2cf726a4a3ccf8560d7c300.woff Requested by Host: app.starbucks.com URL: https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 5a3e3c8a98936e9d5e02c3f5c5bface86613291002e14bfc7490365a3ef6fdf8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors origin https://app.starbucks.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie tiWQK2tY=AP9KJRF6AQAADzJkuYm3cEcCQAHgMLUhJEqkTm37E0iqKYPhqk7RJ0la2Rot|1|0|488674479c513662e9414a35c47decd74ba905c4; TS013067a9=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; TS01a8932d=0149140096d6fd90e8caa5a90188abf404951dbf382d74101d0526ee10851f3822cc43c933832c3264da60e4003fd55191538df861; akacd_red_black=3801238093~rv=8~id=525d1a44ed7b19455c31fd444e890d9e :path /weblx/static/891bac4bf2cf726a4a3ccf8560d7c300.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority app.starbucks.com referer https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css :scheme https sec-fetch-site same-origin :method GET Origin https://app.starbucks.com Referer https://app.starbucks.com/weblx/static/patternLib.854b19e4136c8ead32ad.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Mon, 07 Jun 2021 21:39:50 GMT etag "60be9226-93b0" x-frame-options DENY content-type font/woff cache-control max-age=31536000 date Tue, 15 Jun 2021 19:28:15 GMT server-timing cdn-cache; desc=HIT edge; dur=1 accept-ranges bytes content-length 37808 x-xss-protection 1; mode=block expires Thu, 09 Jun 2022 22:35:56 GMT
GET H2	200	HHB3F-A7T87-EXZWT-MGPRQ-KZYBS Show response s.go-mpulse.net/boomerang/ Frame 8E8F	197 KB 48 KB	10ms 9ms	Script application/javascript	2a02:26f0:6c00:287::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.go-mpulse.net/boomerang/HHB3F-A7T87-EXZWT-MGPRQ-KZYBS Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 50d9b6a7252bfc4709da205ebf62e48cdac0ac29edcf6c5b8e213a91275979d6 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:28:15 GMT content-encoding br last-modified Fri, 21 May 2021 00:27:52 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=604800 timing-allow-origin * content-length 48663
GET H2	200	gtm.js Show response www.googletagmanager.com/	220 KB 62 KB	33ms 32ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NXP5CQ Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ed89c6735fd1fd53cf224676d4caa0d19a971829616abba729f5952803bb3203 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:28:15 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63235 x-xss-protection 0 last-modified Tue, 15 Jun 2021 18:18:08 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 15 Jun 2021 19:28:15 GMT
GET H2	200	v1.7-8834 Show response consent.trustarc.com/asset/notice.js/v/	72 KB 23 KB	51ms 38ms	Script text/javascript	13.224.195.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/asset/notice.js/v/v1.7-8834 Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.195.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-195-72.fra2.r.cloudfront.net Software nginx / Resource Hash fdd650406adae0fb686277bda711756d1e219ae4f4e2569892661e6578689d2a Request headers Origin https://app.starbucks.com Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 18:35:20 GMT content-encoding gzip age 3175 x-cache Hit from cloudfront pragma public access-control-allow-origin * last-modified Mon, 14 Jun 2021 03:17:50 GMT server nginx vary Accept-Encoding content-type text/javascript via 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA2-C1 timing-allow-origin * x-amz-cf-id I5seFoUgxb9HjgzjQWiqMYqgd5Gb8V5k4Uw_KERqlry5K6LmgcSM1Q== expires Thu, 15 Jul 2021 18:35:20 GMT
GET H2	200	log consent.trustarc.com/	43 B 382 B	64ms 64ms	Image image/gif	13.224.195.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/log?domain=app.starbucks.com&country=us&state=&behavior=implied&c=5662 Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.195.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-195-72.fra2.r.cloudfront.net Software nginx / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 15 Jun 2021 19:28:15 GMT via 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront) server nginx x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront content-type image/gif cache-control private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 x-amz-cf-id 9lAph_fB2AXJxewahi7VEVcL9Au4JGCRZY4UHcZXTddr0G5rlTdlgQ== expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	nr-spa-1209.min.js Show response js-agent.newrelic.com/	42 KB 16 KB	32ms 32ms	Script application/javascript	151.101.14.110 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1209.min.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id d4wwExyN0N4Ag7LHjGXgHn7eRha876Bt content-encoding gzip etag "0a1d4ac0ed6107cdf844f28cc3ba3b82" x-amz-request-id 6WJVWDE655R6SB03 x-cache HIT content-length 15799 x-amz-id-2 VD4V2pQya5IYcNKmSisyWBWfDKMZHvq+FnxEs+6ti0dxtdWQgJ9r5ZyMeM2IjTrdbdTV/k2yqcQ= x-served-by cache-fra19133-FRA last-modified Thu, 20 May 2021 23:21:19 GMT server AmazonS3 x-timer S1623785296.271112,VS0,VE0 date Tue, 15 Jun 2021 19:28:16 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 2144
GET H2	200	/ Show response znahhxtqm6hrsshsu-starbucksux.siteintercept.qualtrics.com/SIE/	55 KB 17 KB	124ms 68ms	Script application/javascript	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://znahhxtqm6hrsshsu-starbucksux.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_ahHxtqM6hrSShSu Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash fc3f6ff6185387265b12594a6763d1ff93094b8c95f27ceca148a3cacad08479 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:28:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 486544 cf-polished origSize=57083 edge-control max-age=604800 x-envoy-upstream-service-time 10 vary Accept-Encoding cf-request-id 0ab2be69c20000049be4886000000001 cf-bgj minify server cloudflare x-powered-by Express etag W/"defb-7oADmmiTnHiGVGLvRMDiPnGKCBw" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 cf-ray 65fe33560eeb049b-CDG access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	notice Show response consent.trustarc.com/	16 KB 5 KB	46ms 46ms	Script text/javascript	13.224.195.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/notice?domain=app.starbucks.com&country=us&js=nj2&gtm=1&ostype=mobile&pcookie&oc=1&c=teconsent&text=true&noticeType=bb&pn=1& Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.195.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-195-72.fra2.r.cloudfront.net Software nginx / Resource Hash 5a34bdf081891c5ba2ca324ea728a408a09edaf8f4b7859fc99be419687f3f11 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Origin https://app.starbucks.com Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 18:32:28 GMT content-encoding gzip x-content-type-options nosniff age 3347 x-cache Hit from cloudfront cloudfront-viewer-country FR content-length 4982 x-xss-protection 1; mode=block timing-allow-origin * access-control-allow-origin * server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/javascript;charset=UTF-8 via 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA2-C1 cloudfront-viewer-country-region IDF x-amz-cf-id jns6RP5B0C_8jxbfAjra2izy7PBoqiGj_S2f6ZhMwwjwMptQgBRl6g== expires Tue, 15 Jun 2021 19:32:28 GMT
GET H2	200	bat.js Show response bat.bing.com/	30 KB 9 KB	51ms 32ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-encoding gzip last-modified Fri, 28 May 2021 20:25:24 GMT x-msedge-ref Ref A: DCA1C65B22564DF9B43CE0A31B30ACCB Ref B: FRAEDGE1209 Ref C: 2021-06-15T19:28:16Z etag "0d2a696ff53d71:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 accept-ranges bytes content-length 9008
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 3816 date Tue, 15 Jun 2021 18:24:40 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Tue, 15 Jun 2021 20:24:40 GMT
GET H2	200	mparticle.js Show response jssdkcdns.mparticle.com/js/v2/2689bb1f07a4544aa30798862ab1df07/	227 KB 54 KB	51ms 14ms	Script application/javascript	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdkcdns.mparticle.com/js/v2/2689bb1f07a4544aa30798862ab1df07/mparticle.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash d48220215184792c7a63ea86e37a0602f1f6065d920c6e1aafacfd978c1baeb7 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:28:16 GMT via 1.1 varnish, 1.1 varnish age 3159 x-origin-name fastlyshield--shield_ssl_cache_dca12923_DCA x-cache HIT, HIT x-cache-hits 1, 6 content-encoding gzip content-length 54865 x-served-by cache-dca12923-DCA, cache-fra19136-FRA server Kestrel x-timer S1623785296.396317,VS0,VE0 vary Accept, Accept-Encoding content-type application/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 15 Jun 2021 19:35:37 GMT
GET H/1.1	200 OK	ktag.js Show response resources.xg4ken.com/js/v2/	12 KB 5 KB	102ms 100ms	Script text/plain	52.70.141.7 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N4353-3EA Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.70.141.7 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-70-141-7.compute-1.amazonaws.com Software nginx / Resource Hash 6eefc0aacb7c6c15dfc7fbd9670c0a148ae9f3f7276ec1271cefaea34737ba5f Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 15 Jun 2021 19:28:16 GMT Content-Encoding gzip Last-Modified Thu, 20 May 2021 12:18:27 GMT Server nginx ETag "60a65393-1110" Content-Type text/plain Cache-Control max-age=86400, public Connection keep-alive Content-Length 4368 X-XSS-Protection 1; mode=block Expires Wed, 16 Jun 2021 19:28:16 GMT
GET H/1.1	200 OK	671cca5e0f Show response bam-cell.nr-data.net/1/	49 B 915 B	185ms 184ms	Script text/javascript	162.247.243.147 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/1/671cca5e0f?a=24549142&v=1209.f04e2b9&to=NQMBZkJRXEAEAhJQCgxJJkpAQldAFgsVFiInMkwdQ1VARQwCA04KEA0GQB5aQQ%3D%3D&rst=2828&ck=1&ref=https://app.starbucks.com/cards&ap=2.694008&be=2106&fe=2681&dc=2482&tt=257fba7c492b2ec4&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1623785293577,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:3,%22rp%22:831,%22rpe%22:834,%22dl%22:837,%22di%22:2481,%22ds%22:2481,%22de%22:2481,%22dc%22:2680,%22l%22:2680,%22le%22:2688%7D,%22navigation%22:%7B%7D%7D&fp=2582&fcp=2582&jsonp=NREUM.setToken Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS Software cloudflare / Resource Hash dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 15 Jun 2021 19:28:16 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC X-NewRelic-App-Data PxQGQlRUCgYBXVFQFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoLBl0NVHRMB05WAhtDU1peUVFXV1sBBVVeUQgBAUBKBQNcEV0/ Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-Ray 65fe33569d9b083f-CDG cf-request-id 0ab2be6a200000083f7c0c5000000001
GET H2	200	bannermsg consent.trustarc.com/	43 B 432 B	61ms 58ms	Image image/gif	13.224.195.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://consent.trustarc.com/bannermsg?action=views&domain=app.starbucks.com&behavior=implied&country=us&language=en&rand=0.0019661799945338565 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.195.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-195-72.fra2.r.cloudfront.net Software nginx / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 15 Jun 2021 19:28:16 GMT via 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront) x-content-type-options nosniff server nginx x-amz-cf-pop FRA2-C1 x-frame-options SAMEORIGIN x-cache Miss from cloudfront content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 x-xss-protection 1; mode=block x-amz-cf-id Q18JGxq1I_n_G11rUoJKPxa2TKMXQtXJr7XhSbmrElamwl08nsiKww== expires Tue, 15 Jun 2021 19:28:15 GMT
GET H3-29	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 882 B	8ms 6ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:11:05 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 1031 vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 expires Tue, 15 Jun 2021 20:11:05 GMT
GET H2	200	get consent.trustarc.com/	35 KB 36 KB	35ms 35ms	Font application/font-woff	13.224.195.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://consent.trustarc.com/get?name=sodosans-normal.woff Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.195.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-195-72.fra2.r.cloudfront.net Software nginx / Resource Hash 488a1be9c1295a99be75ebb32d1f4cc253a8a98ec5b7d06d50081b6ea18164ad Request headers Origin https://app.starbucks.com Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Tue, 15 Jun 2021 18:56:40 GMT via 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront) server nginx age 1896 x-cache Hit from cloudfront content-type application/font-woff access-control-allow-origin * cache-control max-age=2592000 x-amz-cf-pop FRA2-C1 timing-allow-origin * content-length 36064 x-amz-cf-id WmeA_1EHkb84vPmNjPpUA3mUEBghCA0rML8N9FkpzmST80N_suEckw== expires Thu, 15 Jul 2021 18:56:40 GMT
GET H2	204	5104519.js Show response bat.bing.com/p/action/	0 150 B	33ms 32ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5104519.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ARR/3.0 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 15 Jun 2021 19:28:16 GMT cache-control private,max-age=86400 x-msedge-ref Ref A: 35FB141B88F04C2E9A031D8BC2C74C2C Ref B: FRAEDGE1209 Ref C: 2021-06-15T19:28:16Z x-powered-by ARR/3.0 x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 149 B	29ms 27ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5104519&tm=gtm001&Ver=2&mid=f29e9bfe-6416-4374-b996-16d743be2073&sid=d589aa40ce0f11eb94e57dc44608668e&vid=d58a8b80ce0f11ebae89b91b31aa9bcb&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fapp.starbucks.com%2Fcards&r=&lt=2688&evt=pageLoad&msclkid=N&sv=1&rn=841148 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * pragma no-cache date Tue, 15 Jun 2021 19:28:16 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: BAC463A66DCD4B028355F80D61C05EC0 Ref B: FRAEDGE1209 Ref C: 2021-06-15T19:28:16Z x-cache CONFIG_NOCACHE expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	identify identity.mparticle.com/v1/ Frame	0 0	87ms 9ms	Preflight	2a04:4e42:1b::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Protocol H2 Server 2a04:4e42:1b::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=900 Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-mp-key Origin https://app.starbucks.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server Kestrel access-control-allow-headers content-type,x-mp-key access-control-allow-origin * x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin accept-ranges bytes date Tue, 15 Jun 2021 19:28:16 GMT via 1.1 varnish age 917 x-served-by cache-hhn4041-HHN x-cache HIT x-cache-hits 253 x-timer S1623785297.933904,VS0,VE0 strict-transport-security max-age=900
GET H3-29	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 3816 date Tue, 15 Jun 2021 18:24:40 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Tue, 15 Jun 2021 20:24:40 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	77 KB 31 KB	16ms 14ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=4487060 Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash de23435f9890fe5894b1040777e5b180e119c8c1616391e5bc5503ff88ec7c93 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:28:16 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31296 x-xss-protection 0 last-modified Tue, 15 Jun 2021 18:18:08 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 15 Jun 2021 19:28:16 GMT
POST H2	200	identify Show response identity.mparticle.com/v1/	176 B 287 B	117ms 117ms	XHR application/json	2a04:4e42:1b::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://identity.mparticle.com/v1/identify Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 59300a2f981127a7c31ba3645f0348ac38a8470eeb1313926057e4a29b5e2287 Security Headers Name Value Strict-Transport-Security max-age=900 Request headers x-mp-key 2689bb1f07a4544aa30798862ab1df07 Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers date Tue, 15 Jun 2021 19:28:17 GMT content-encoding gzip server Kestrel x-timer S1623785297.943809,VS0,VE112 x-origin-name 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin x-served-by cache-hhn4041-HHN vary Accept-Encoding x-cache MISS content-type application/json; charset=utf-8 access-control-allow-origin * strict-transport-security max-age=900 accept-ranges bytes via 1.1 varnish x-cache-hits 0
GET H2	200	cards-app-bar-header.220073d4e1ba22315b75.chunk.js Show response app.starbucks.com/weblx/static/	1 KB 1 KB	99ms 99ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/cards-app-bar-header.220073d4e1ba22315b75.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash a80499448d7746f5bba5058a37ed3a5c866fe123bf4e529956f4b048b6c14e56 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /weblx/static/cards-app-bar-header.220073d4e1ba22315b75.chunk.js pragma no-cache cookie _gcl_au=1.1.164205571.1623785296; _ga=GA1.2.2121563851.1623785296; _gid=GA1.2.600363142.1623785296; _uetsid=d589aa40ce0f11eb94e57dc44608668e; _uetvid=d58a8b80ce0f11ebae89b91b31aa9bcb; mprtcl-v4_D61E2A41={'gs':{'ie':1|'dt':'2689bb1f07a4544aa30798862ab1df07'|'cgid':'947772f4-3e98-40cc-b39a-437cdfc992be'|'das':'c9446d00-6ee5-4c6a-bdb5-d57716239dd9'}|'l':0}; _ga=GA1.3.2121563851.1623785296; _gid=GA1.3.600363142.1623785296 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority app.starbucks.com referer https://app.starbucks.com/cards :scheme https sec-fetch-site same-origin :method GET Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT etag W/"60c37a92-561" x-frame-options DENY content-type application/javascript cache-control max-age=31536000 date Tue, 15 Jun 2021 19:28:17 GMT server-timing cdn-cache; desc=HIT edge; dur=35 set-cookie akacd_red_black=3801238096~rv=75~id=8496eb490addf2d5f48836cb28d89f5d; path=/;; Secure; SameSite=None content-length 680 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:21:47 GMT
GET H2	200	svc-cards-list-content.44c1a75b563f7d8c7b76.css app.starbucks.com/weblx/static/	901 B 838 B	1ms 0ms	Stylesheet text/css	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/svc-cards-list-content.44c1a75b563f7d8c7b76.css Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 51b39ea9aa5097c465e09c79e2fc45832c39fdf00d7eef362fd2e6b54b038543 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT cache-control max-age=31536000 etag W/"60c37a92-385" x-frame-options DENY content-type text/css x-akamai-http2-push 1 date Tue, 15 Jun 2021 19:28:13 GMT server-timing cdn-cache; desc=HIT edge; dur=73 content-length 518 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:48:25 GMT
GET H2	200	svc-cards-list-content.975beff32f2cead8b962.chunk.js Show response app.starbucks.com/weblx/static/	16 KB 5 KB	98ms 98ms	Script application/javascript	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/weblx/static/svc-cards-list-content.975beff32f2cead8b962.chunk.js Requested by Host: app.starbucks.com URL: https://app.starbucks.com/cards Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 89289ae48b8d9ea6e3b72ed942e3fec60ab4ea5f746d8159c4b73e237076df1e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :path /weblx/static/svc-cards-list-content.975beff32f2cead8b962.chunk.js pragma no-cache cookie _gcl_au=1.1.164205571.1623785296; _ga=GA1.2.2121563851.1623785296; _gid=GA1.2.600363142.1623785296; _uetsid=d589aa40ce0f11eb94e57dc44608668e; _uetvid=d58a8b80ce0f11ebae89b91b31aa9bcb; mprtcl-v4_D61E2A41={'gs':{'ie':1|'dt':'2689bb1f07a4544aa30798862ab1df07'|'cgid':'947772f4-3e98-40cc-b39a-437cdfc992be'|'das':'c9446d00-6ee5-4c6a-bdb5-d57716239dd9'}|'l':0}; _ga=GA1.3.2121563851.1623785296; _gid=GA1.3.600363142.1623785296 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority app.starbucks.com referer https://app.starbucks.com/cards :scheme https sec-fetch-site same-origin :method GET Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br x-content-type-options nosniff last-modified Fri, 11 Jun 2021 15:00:34 GMT etag "60c37a92-1149" x-frame-options DENY content-type application/javascript cache-control max-age=31536000 date Tue, 15 Jun 2021 19:28:17 GMT server-timing cdn-cache; desc=HIT edge; dur=5 set-cookie akacd_red_black=3801238096~rv=54~id=456bc99eef2169bb3e0e62374303f47e; path=/;; Secure; SameSite=None content-length 4425 x-xss-protection 1; mode=block expires Sat, 11 Jun 2022 21:21:53 GMT
POST H2	200	get-product-name-and-image Show response app.starbucks.com/bff/proxy/orchestra/	309 B 3 KB	240ms 240ms	Fetch application/json	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/bff/proxy/orchestra/get-product-name-and-image Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 2b463b764348aaf5333f54cb684cb9eeb3c6186de2053372cf0373fb915e00a0 Security Headers Name Value Content-Security-Policy default-src 'self' *.starbucks.com *.starbucksassets.com *.starbucks.ca; child-src 'self' *.starbucks.com *.starbucks.ca *.americanexpress.com *.chase.com *.doubleclick.net *.facebook.com *.mastercard.com *.optimizely.com *.paypal.com tr.snapchat.com *.qualtrics.com *.surveymonkey.com pixel.tapad.com *.trustarc.com prefmgr-cookie.truste-svc.net *.visa.com; connect-src 'self' ws: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.akamaihd.net *.akstat.io *.bing.com *.branch.io app.link *.doubleclick.net *.facebook.com *.go-mpulse.net *.google-analytics.com *.iesnare.com wss://mpsnare.iesnare.com *.mastercard.com *.mparticle.com *.nr-data.net *.optimizely.com *.paypal.com *.pinterest.com *.qualtrics.com https://thm.visa.com *.zeronaught.com; font-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca https://fonts.gstatic.com *.qualtrics.com *.trustarc.com; img-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.adsrvr.org *.agkn.com *.akamaihd.net *.bing.com *.demdex.net *.doubleclick.net *.facebook.com *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.gstatic.com *.kenshoo.com *.marinsm.com *.mparticle.com *.nr-data.net *.pinterest.com *.qualtrics.com https://bs.serving-sys.com *.surveymonkey.com pixel.tapad.com *.trustarc.com *.visa.com *.xg4ken.com; media-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.iesnare.com; object-src 'self' *.starbucks.com *.starbucks.ca https://thm.visa.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.starbucks.com *.starbucksassets.com *.starbucks.ca *.aexp-static.com https://s3.amazonaws.com *.akamaihd.net *.bing.com *.branch.io app.link *.chase.com *.doubleclick.net *.facebook.net *.go-mpulse.net *.google.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.iesnare.com *.kenshoo.com *.marinsm.com *.mastercard.com *.mparticle.com *.newrelic.com *.nr-data.net *.optimizely.com *.paypal.com *.pinimg.com *.qualtrics.com sc-static.net *.surveymonkey.com *.trustarc.com *.visa.com *.zeronaught.com *.xg4ken.com; style-src 'self' 'unsafe-inline' *.starbucks.com *.starbucksassets.com *.starbucks.ca *.google.com https://fonts.googleapis.com; report-uri /webhooks/csp-report Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors origin https://app.starbucks.com accept-encoding gzip, deflate, br tracestate 1758892@nr=0-1-1307519-24549305-94b17034c7ac82c2----1623785297008 accept-language en-US newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEzMDc1MTkiLCJhcCI6IjI0NTQ5MzA1IiwiaWQiOiI5NGIxNzAzNGM3YWM4MmMyIiwidHIiOiIwYTZkYzg0NWU5YjJkMWQxYmJjYTQyNzVmODBkM2NiMCIsInRpIjoxNjIzNzg1Mjk3MDA4LCJ0ayI6IjE3NTg4OTIifX0= sec-fetch-dest empty x-requested-with XMLHttpRequest cookie _gcl_au=1.1.164205571.1623785296; _ga=GA1.2.2121563851.1623785296; _gid=GA1.2.600363142.1623785296; _uetsid=d589aa40ce0f11eb94e57dc44608668e; _uetvid=d58a8b80ce0f11ebae89b91b31aa9bcb; mprtcl-v4_D61E2A41={'gs':{'ie':1|'dt':'2689bb1f07a4544aa30798862ab1df07'|'cgid':'947772f4-3e98-40cc-b39a-437cdfc992be'|'das':'c9446d00-6ee5-4c6a-bdb5-d57716239dd9'}|'l':0}; _ga=GA1.3.2121563851.1623785296; _gid=GA1.3.600363142.1623785296 content-length 76 :path /bff/proxy/orchestra/get-product-name-and-image pragma no-cache traceparent 00-0a6dc845e9b2d1d1bbca4275f80d3cb0-94b17034c7ac82c2-01 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json accept application/json cache-control no-cache :authority app.starbucks.com referer https://app.starbucks.com/cards :scheme https sec-fetch-site same-origin :method POST tracestate 1758892@nr=0-1-1307519-24549305-94b17034c7ac82c2----1623785297008 traceparent 00-0a6dc845e9b2d1d1bbca4275f80d3cb0-94b17034c7ac82c2-01 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEzMDc1MTkiLCJhcCI6IjI0NTQ5MzA1IiwiaWQiOiI5NGIxNzAzNGM3YWM4MmMyIiwidHIiOiIwYTZkYzg0NWU5YjJkMWQxYmJjYTQyNzVmODBkM2NiMCIsInRpIjoxNjIzNzg1Mjk3MDA4LCJ0ayI6IjE3NTg4OTIifX0= content-type application/json accept application/json Referer https://app.starbucks.com/cards x-requested-with XMLHttpRequest Response headers content-security-policy default-src 'self' *.starbucks.com *.starbucksassets.com *.starbucks.ca; child-src 'self' *.starbucks.com *.starbucks.ca *.americanexpress.com *.chase.com *.doubleclick.net *.facebook.com *.mastercard.com *.optimizely.com *.paypal.com tr.snapchat.com *.qualtrics.com *.surveymonkey.com pixel.tapad.com *.trustarc.com prefmgr-cookie.truste-svc.net *.visa.com; connect-src 'self' ws: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.akamaihd.net *.akstat.io *.bing.com *.branch.io app.link *.doubleclick.net *.facebook.com *.go-mpulse.net *.google-analytics.com *.iesnare.com wss://mpsnare.iesnare.com *.mastercard.com *.mparticle.com *.nr-data.net *.optimizely.com *.paypal.com *.pinterest.com *.qualtrics.com https://thm.visa.com *.zeronaught.com; font-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca https://fonts.gstatic.com *.qualtrics.com *.trustarc.com; img-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.adsrvr.org *.agkn.com *.akamaihd.net *.bing.com *.demdex.net *.doubleclick.net *.facebook.com *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.gstatic.com *.kenshoo.com *.marinsm.com *.mparticle.com *.nr-data.net *.pinterest.com *.qualtrics.com https://bs.serving-sys.com *.surveymonkey.com pixel.tapad.com *.trustarc.com *.visa.com *.xg4ken.com; media-src 'self' data: *.starbucks.com *.starbucksassets.com *.starbucks.ca *.iesnare.com; object-src 'self' *.starbucks.com *.starbucks.ca https://thm.visa.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.starbucks.com *.starbucksassets.com *.starbucks.ca *.aexp-static.com https://s3.amazonaws.com *.akamaihd.net *.bing.com *.branch.io app.link *.chase.com *.doubleclick.net *.facebook.net *.go-mpulse.net *.google.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.iesnare.com *.kenshoo.com *.marinsm.com *.mastercard.com *.mparticle.com *.newrelic.com *.nr-data.net *.optimizely.com *.paypal.com *.pinimg.com *.qualtrics.com sc-static.net *.surveymonkey.com *.trustarc.com *.visa.com *.zeronaught.com *.xg4ken.com; style-src 'self' 'unsafe-inline' *.starbucks.com *.starbucksassets.com *.starbucks.ca *.google.com https://fonts.googleapis.com; report-uri /webhooks/csp-report x-correlation-id 19c38c2e-5909-4ef1-939e-9dc5a97cca34 x-content-type-options nosniff date Tue, 15 Jun 2021 19:28:17 GMT x-frame-options DENY strict-transport-security max-age=31536000; includeSubDomains content-language en-US cache-control no-cache server-timing edge; dur=4 origin; dur=146 cdn-cache; desc=MISS set-cookie ux_exp_id=71303f65-8c61-4f2a-b30e-5b98f72c91d6; Max-Age=31557600; Domain=127.0.0.1; Path=/; Expires=Thu, 16 Jun 2022 01:28:17 GMT; Secure; SameSite=Lax TS013067a9=0149140096da37a324905e07d8c962f7b81b3de2a1adaa2d77d1baf5ff35604e680d6353a4425d5e2e1d8c91b573c246d593bc5575; Path=/ TS018a39d9=0149140096da37a324905e07d8c962f7b81b3de2a1adaa2d77d1baf5ff35604e680d6353a4425d5e2e1d8c91b573c246d593bc5575; path=/; domain=127.0.0.1 akacd_red_black=3801238096~rv=50~id=9ac485e3b212f71714b147bacd351ddd; path=/;; Secure; SameSite=None content-type application/json; charset=utf-8 content-length 309 x-xss-protection 1; mode=block
GET H/1.1	200 OK	/ d.agkn.com/pixel/9270/	43 B 585 B	40ms 39ms	Image image/gif	35.157.140.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.agkn.com/pixel/9270/?type=01v00012&che=187055480.32411733 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.140.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-140-213.eu-central-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Jun 2021 19:28:16 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	/ d.agkn.com/pixel/9270/	43 B 593 B	75ms 35ms	Image image/gif	35.157.140.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.agkn.com/pixel/9270/?gaid=GA1.2.2121563851.1623785296&che=773028819 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.140.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-140-213.eu-central-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Jun 2021 19:28:17 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	menu Show response app.starbucks.com/bff/ordering/	187 KB 34 KB	502ms 501ms	XHR application/json	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://app.starbucks.com/bff/ordering/menu Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software / Resource Hash 94c040bac857c81b16cf028020562a32d09e4eef89024a11ac2b0be8bb28b669 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-fetch-mode cors accept-encoding gzip, deflate, br tracestate 1758892@nr=0-1-1307519-24549305-f6408888131e1a49----1623785297132 accept-language en-US newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEzMDc1MTkiLCJhcCI6IjI0NTQ5MzA1IiwiaWQiOiJmNjQwODg4ODEzMWUxYTQ5IiwidHIiOiIxODE3NTBhMGI2MGNiYmIxMTA2YjBhZDk0NTA1MGY3MCIsInRpIjoxNjIzNzg1Mjk3MTMyLCJ0ayI6IjE3NTg4OTIifX0= sec-fetch-dest empty cookie _gcl_au=1.1.164205571.1623785296; _ga=GA1.2.2121563851.1623785296; _gid=GA1.2.600363142.1623785296; _uetsid=d589aa40ce0f11eb94e57dc44608668e; _uetvid=d58a8b80ce0f11ebae89b91b31aa9bcb; mprtcl-v4_D61E2A41={'gs':{'ie':1|'dt':'2689bb1f07a4544aa30798862ab1df07'|'cgid':'947772f4-3e98-40cc-b39a-437cdfc992be'|'das':'c9446d00-6ee5-4c6a-bdb5-d57716239dd9'}|'l':0}; _ga=GA1.3.2121563851.1623785296; _gid=GA1.3.600363142.1623785296; ux_exp_id=aff68bab-1cfe-48fa-9177-220ddb5b0af6; TS013067a9=0149140096a310aaf20da3cd30a4b3b17bf8cfe90837d1225f2cb738b25d691200326efdeeaec288654b2fbe71ad0d3d3917fac293; TS01d169da=0149140096a310aaf20da3cd30a4b3b17bf8cfe90837d1225f2cb738b25d691200326efdeeaec288654b2fbe71ad0d3d3917fac293; akacd_red_black=3801238095~rv=53~id=b1c3fdec29125affdc8f84550be0733d :path /bff/ordering/menu pragma no-cache x-newrelic-id VQUHVlNSARACUFRWDgADVA== traceparent 00-181750a0b60cbbb1106b0ad945050f70-f6408888131e1a49-01 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept application/json cache-control no-cache :authority app.starbucks.com referer https://app.starbucks.com/cards :scheme https sec-fetch-site same-origin :method GET X-NewRelic-ID VQUHVlNSARACUFRWDgADVA== tracestate 1758892@nr=0-1-1307519-24549305-f6408888131e1a49----1623785297132 traceparent 00-181750a0b60cbbb1106b0ad945050f70-f6408888131e1a49-01 accept-language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjEzMDc1MTkiLCJhcCI6IjI0NTQ5MzA1IiwiaWQiOiJmNjQwODg4ODEzMWUxYTQ5IiwidHIiOiIxODE3NTBhMGI2MGNiYmIxMTA2YjBhZDk0NTA1MGY3MCIsInRpIjoxNjIzNzg1Mjk3MTMyLCJ0ayI6IjE3NTg4OTIifX0= accept application/json Referer https://app.starbucks.com/cards Response headers strict-transport-security max-age=31536000; includeSubDomains x-correlation-id 990ba91c-7fe1-46b8-ac57-2b7ac43639fa x-content-type-options nosniff x-frame-options DENY etag W/"2eae6-7vGGVelHWhE5GfINo0s+pdZEgkY" vary Accept-Encoding content-language en-US content-encoding gzip cache-control max-age=420 date Tue, 15 Jun 2021 19:28:17 GMT server-timing edge; dur=330 origin; dur=122 cdn-cache; desc=MISS content-type application/json; charset=utf-8 content-length 34243 x-xss-protection 1; mode=block
POST H2	202	Events Show response jssdks.mparticle.com/v2/JS/2689bb1f07a4544aa30798862ab1df07/	42 B 128 B	64ms 19ms	XHR application/json	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v2/JS/2689bb1f07a4544aa30798862ab1df07/Events Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 77c25bfac83511c0cfea1536830412fb31572f2c15f4fe32b16a51a7425072b1 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 15 Jun 2021 19:28:17 GMT content-encoding gzip server Kestrel x-timer S1623785297.305440,VS0,VE4 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-served-by cache-hhn4043-HHN vary Accept-Encoding x-cache MISS content-type application/json access-control-allow-origin * accept-ranges bytes via 1.1 varnish x-cache-hits 0
POST H2	202	Forwarding Show response jssdks.mparticle.com/v1/JS/2689bb1f07a4544aa30798862ab1df07/	0 58 B	44ms 19ms	XHR text/plain	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v1/JS/2689bb1f07a4544aa30798862ab1df07/Forwarding Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 15 Jun 2021 19:28:17 GMT via 1.1 varnish server Kestrel x-timer S1623785297.305618,VS0,VE4 x-served-by cache-hhn4043-HHN x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS access-control-allow-origin * accept-ranges bytes content-length 0 x-cache-hits 0
POST H2	202	Events Show response jssdks.mparticle.com/v2/JS/2689bb1f07a4544aa30798862ab1df07/	42 B 120 B	40ms 19ms	XHR application/json	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v2/JS/2689bb1f07a4544aa30798862ab1df07/Events Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 77c25bfac83511c0cfea1536830412fb31572f2c15f4fe32b16a51a7425072b1 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 15 Jun 2021 19:28:17 GMT content-encoding gzip server Kestrel x-timer S1623785297.305576,VS0,VE4 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-served-by cache-hhn4043-HHN vary Accept-Encoding x-cache MISS content-type application/json access-control-allow-origin * accept-ranges bytes via 1.1 varnish x-cache-hits 0
POST H2	202	Events Show response jssdks.mparticle.com/v2/JS/2689bb1f07a4544aa30798862ab1df07/	42 B 294 B	37ms 19ms	XHR application/json	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v2/JS/2689bb1f07a4544aa30798862ab1df07/Events Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash 77c25bfac83511c0cfea1536830412fb31572f2c15f4fe32b16a51a7425072b1 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 15 Jun 2021 19:28:17 GMT content-encoding gzip server Kestrel x-timer S1623785297.305599,VS0,VE2 x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-served-by cache-hhn4043-HHN vary Accept-Encoding x-cache MISS content-type application/json access-control-allow-origin * accept-ranges bytes via 1.1 varnish x-cache-hits 0
POST H3-29	200	collect Show response www.google-analytics.com/j/	4 B 24 B	18ms 18ms	XHR text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=615760370&t=pageview&_s=1&dl=https%3A%2F%2Fapp.starbucks.com%2Fcards&dp=%2Fcards&ul=en-us&de=UTF-8&dt=Starbucks%20Coffee%20Company&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDACEAjBAAAAC~&jid=1725086398&gjid=963277283&cid=2121563851.1623785296&tid=UA-82424379-1&_gid=600363142.1623785296&_r=1&_slc=1&cd187=https%3A%2F%2Fapp.starbucks.com%2Fcards&cd188=&z=1775852832 Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 15 Jun 2021 19:28:17 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.starbucks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	202	Forwarding Show response jssdks.mparticle.com/v1/JS/2689bb1f07a4544aa30798862ab1df07/	0 58 B	22ms 22ms	XHR text/plain	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v1/JS/2689bb1f07a4544aa30798862ab1df07/Forwarding Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 15 Jun 2021 19:28:17 GMT via 1.1 varnish server Kestrel x-timer S1623785297.319770,VS0,VE3 x-served-by cache-hhn4043-HHN x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS access-control-allow-origin * accept-ranges bytes content-length 0 x-cache-hits 0
POST H2	202	Forwarding Show response jssdks.mparticle.com/v1/JS/2689bb1f07a4544aa30798862ab1df07/	0 58 B	20ms 16ms	XHR text/plain	2a04:4e42:400::645 FASTLY
General Check archive.org Show headers Download Go to Full URL https://jssdks.mparticle.com/v1/JS/2689bb1f07a4544aa30798862ab1df07/Forwarding Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 15 Jun 2021 19:28:17 GMT via 1.1 varnish server Kestrel x-timer S1623785297.325142,VS0,VE3 x-served-by cache-hhn4043-HHN x-origin-name 7arPuRjnqGEhiMyprEtnLk--F_us1_origin x-cache MISS access-control-allow-origin * accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	204	/ cookiesync.mparticle.com/v1/sync/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=-8258231644419084144&esid=32522&Key=2689bb1f07a4544aa30798862ab1df07&env=2 https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=-8258231644419084144&esid=32522&Key=2689bb1f07a4544aa30798862ab1df07&env=2&google_tc= https://cookiesync.mparticle.com/v1/sync/?id=CAESEHfSha2nJpUzkfguowmyTNA&MPID=-8258231644419084144&esid=32522&Key=2689bb1f07a4544aa30798862ab1df07&env=2&google_cver=1	0 186 B	424ms 388ms	Image text/plain	2a04:4e42::645 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cookiesync.mparticle.com/v1/sync/?id=CAESEHfSha2nJpUzkfguowmyTNA&MPID=-8258231644419084144&esid=32522&Key=2689bb1f07a4544aa30798862ab1df07&env=2&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::645 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:28:18 GMT via 1.1 varnish server Kestrel x-timer S1623785298.753593,VS0,VE374 x-origin-name 6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin x-cache MISS x-cache-hits 0 accept-ranges bytes x-served-by cache-fra19120-FRA Redirect headers pragma no-cache date Tue, 15 Jun 2021 19:28:17 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cookiesync.mparticle.com/v1/sync/?id=CAESEHfSha2nJpUzkfguowmyTNA&MPID=-8258231644419084144&esid=32522&Key=2689bb1f07a4544aa30798862ab1df07&env=2&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 383 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	config.json Show response c.go-mpulse.net/api/ Frame 8E8F	1 KB 895 B	61ms 60ms	XHR application/json	2a02:26f0:6c00:1bb::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.go-mpulse.net/api/config.json?key=HHB3F-A7T87-EXZWT-MGPRQ-KZYBS&d=app.starbucks.com&t=5412618&v=1.687.0&if=&sl=0&si=47a8fd6c-de76-4ca4-a56a-ef1b7a0e3e91-qurcr2&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,LOGN&acao=&ak.ai=372024 Requested by Host: s.go-mpulse.net URL: https://s.go-mpulse.net/boomerang/HHB3F-A7T87-EXZWT-MGPRQ-KZYBS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 75265d49f8674fe279452fcba016a3476f4cdfe14513ae5e71265a8ec575c8a7 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 15 Jun 2021 19:28:17 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/json Access-Control-Allow-Origin * Cache-Control private, max-age=300, stale-while-revalidate=60, stale-if-error=120 Connection keep-alive Timing-Allow-Origin * Content-Length 575
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 86 B	15ms 14ms	XHR text/plain	2a00:1450:400c:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-82424379-1&cid=2121563851.1623785296&jid=1725086398&gjid=963277283&_gid=600363142.1623785296&_u=aHDACEAiBAAAAC~&z=1496919820 Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 15 Jun 2021 19:28:17 GMT content-type text/plain access-control-allow-origin https://app.starbucks.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	671cca5e0f Show response bam-cell.nr-data.net/events/1/	24 B 554 B	217ms 166ms	XHR image/gif	162.247.243.147 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/events/1/671cca5e0f?a=24549142&v=1209.f04e2b9&to=NQMBZkJRXEAEAhJQCgxJJkpAQldAFgsVFiInMkwdQ1VARQwCA04KEA0GQB5aQQ%3D%3D&rst=4042&ck=1&ref=https://app.starbucks.com/cards Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS Software cloudflare / Resource Hash 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type text/plain Response headers Date Tue, 15 Jun 2021 19:28:17 GMT CF-Cache-Status DYNAMIC Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://app.starbucks.com access-control-allow-credentials true Connection keep-alive CF-Ray 65fe335e8f24b7e1-CDG Content-Length 24 cf-request-id 0ab2be6f160000b7e1340db000000001
GET H2	200	card-and-stars.png app.starbucks.com/weblx/images/cards/	40 KB 40 KB	63ms 59ms	Image image/webp	104.109.84.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://app.starbucks.com/weblx/images/cards/card-and-stars.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.109.84.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-84-236.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash 22e4aa264d4945b682ff2987b0139ecb1f43da6c1f24afec43a72ddecfc2dbc5 Security Headers Name Value X-Content-Type-Options nosniff Request headers :path /weblx/images/cards/card-and-stars.png pragma no-cache cookie _gcl_au=1.1.164205571.1623785296; _ga=GA1.2.2121563851.1623785296; _gid=GA1.2.600363142.1623785296; _uetsid=d589aa40ce0f11eb94e57dc44608668e; _uetvid=d58a8b80ce0f11ebae89b91b31aa9bcb; _ga=GA1.3.2121563851.1623785296; _gid=GA1.3.600363142.1623785296; ux_exp_id=aff68bab-1cfe-48fa-9177-220ddb5b0af6; TS01d169da=0149140096a310aaf20da3cd30a4b3b17bf8cfe90837d1225f2cb738b25d691200326efdeeaec288654b2fbe71ad0d3d3917fac293; mprtcl-v4_D61E2A41={'gs':{'ie':1|'dt':'2689bb1f07a4544aa30798862ab1df07'|'cgid':'947772f4-3e98-40cc-b39a-437cdfc992be'|'das':'c9446d00-6ee5-4c6a-bdb5-d57716239dd9'|'csm':'WyItODI1ODIzMTY0NDQxOTA4NDE0NCJd'|'sid':'4139CDD2-4CFA-48AF-B171-6C7362881176'|'les':1623785296907|'ssd':1623785296841}|'l':0|'-8258231644419084144':{'fst':1623785297188|'csd':'eyI0MSI6MTYyMzc4NTI5NzE5OX0='}|'cu':'-8258231644419084144'}; TS013067a9=0149140096da37a324905e07d8c962f7b81b3de2a1adaa2d77d1baf5ff35604e680d6353a4425d5e2e1d8c91b573c246d593bc5575; akacd_red_black=3801238096~rv=50~id=9ac485e3b212f71714b147bacd351ddd; _gat_mpgaTracker1=1; RT="z=1&dm=app.starbucks.com&si=c0d49ecc-bba3-4ecb-bfae-6ab38329cdb0&ss=kpyfu77t&sl=0&tt=0&bcn=%2F%2F1737ad5c.akstat.io%2F" accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority app.starbucks.com referer https://app.starbucks.com/cards :scheme https sec-fetch-site same-origin :method GET Referer https://app.starbucks.com/cards User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:28:17 GMT x-content-type-options nosniff last-modified Sat, 22 May 2021 15:13:53 GMT server Akamai Image Manager etag "60a695ea-22b05" content-type image/webp cache-control private, no-transform, max-age=503135 server-timing cdn-cache; desc=HIT edge; dur=15 content-length 40746 expires Mon, 21 Jun 2021 15:13:52 GMT
GET DATA	200 OK	truncated /	420 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 852bbf67c9988f8ed7e43118f914e581efb96fa4eb6d06eaf626672df92ce5fe Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
POST H2	204	/ 1737ad5c.akstat.io/	0 203 B	40ms 37ms	Ping image/gif	2a02:26f0:6c00:287::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://1737ad5c.akstat.io/ Requested by Host: s.go-mpulse.net URL: https://s.go-mpulse.net/boomerang/HHB3F-A7T87-EXZWT-MGPRQ-KZYBS Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 15 Jun 2021 19:28:19 GMT content-type image/gif access-control-allow-origin https://app.starbucks.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin * x-xss-protection 0 expires Tue, 15 Jun 2021 19:28:19 GMT
POST H/1.1	200 OK	671cca5e0f Show response bam-cell.nr-data.net/events/1/	24 B 554 B	148ms 147ms	XHR image/gif	162.247.243.147 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/events/1/671cca5e0f?a=24549142&v=1209.f04e2b9&to=NQMBZkJRXEAEAhJQCgxJJkpAQldAFgsVFiInMkwdQ1VARQwCA04KEA0GQB5aQQ%3D%3D&rst=12834&ck=1&ref=https://app.starbucks.com/cards Requested by Host: app.starbucks.com URL: https://app.starbucks.com/vendor/static/vendor2.js?seed=AIBvCxF6AQAAi1_1uqyBd3WpLpkXPrxjMR4UvyFe6yLCSg_mYqqvnmZ5l4qf&X-DQ7Hy5L1--z=q Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS Software cloudflare / Resource Hash 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300 Request headers Referer https://app.starbucks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type text/plain Response headers Date Tue, 15 Jun 2021 19:28:26 GMT CF-Cache-Status DYNAMIC Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://app.starbucks.com access-control-allow-credentials true Connection keep-alive CF-Ray 65fe33953e7d6942-CDG Content-Length 24 cf-request-id 0ab2be914800006942ed02a000000001