starbucks-greenaprons.cfd Open in urlscan Pro
194.213.18.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://starbucks-greenaprons.cfd/
Submission: On May 21 via api (May 21st 2024, 9:08:05 am UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 194.213.18.160, located in Ashburn, United States and belongs to CLOUVIDER Clouvider - Global ASN, GB. The main domain is starbucks-greenaprons.cfd.
TLS certificate: Issued by R3 on May 20th 2024. Valid for: 3 months.

This is the only time starbucks-greenaprons.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	194.213.18.160 194.213.18.160	62240 (CLOUVIDER...) (CLOUVIDER Clouvider - Global ASN)
2	185.70.42.11 185.70.42.11	62371 (PROTON) (PROTON)
2	185.70.42.36 185.70.42.36	() ()
22	4

17 194.213.18.160 (Ashburn, United States)

ASN62240 (CLOUVIDER Clouvider - Global ASN, GB)
PTR: metropolassetsmanagers.online

starbucks-greenaprons.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.70.42.11 (Switzerland)

ASN62371 (PROTON, CH)
PTR: 185-70-42-11.protonmail.ch

reports.proton.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.70.42.36 (None, )

ASN- ()

account.proton.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	starbucks-greenaprons.cfd starbucks-greenaprons.cfd	2 MB
4	proton.me reports.proton.me — Cisco Umbrella Rank: 157586 account.proton.me	3 KB
22	2

	Domain	Requested by
17	starbucks-greenaprons.cfd	starbucks-greenaprons.cfd
2	account.proton.me	starbucks-greenaprons.cfd
2	reports.proton.me
22	3

This site contains links to these domains. Also see Links.

Domain
cfd

Subject Issuer	Validity	Valid
adm.gamingtheory.shop R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
proton.me R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://starbucks-greenaprons.cfd/
Frame ID: 1DA895D4E78FAFBDAC44A3759F78AE95
Requests: 23 HTTP requests in this frame

Frame: data://truncated
Frame ID: A2D95D9EB8B02A34708EC18F45B892C2
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6BEA73395E8D917FBE478258D8D138C7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Proton Account: Sign-in

Page Statistics

22
Requests

18 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

1661 kB
Transfer

5542 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://cfd/
Title: Proton

Search URL Search Domain Scan URL

URL: https://cfd/support/keep-me-signed-in
Title: Why?

Search URL Search Domain Scan URL

URL: https://cfd/legal/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://cfd/legal/privacy
Title: Privacy policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
starbucks-greenaprons.cfd/ 7 KB
3 KB 784ms
544ms Document
text/html 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

581b4c3d8d9f7f2fe4b8f4c966a148e12d5a4e3b266fda03476f44f0d7bc1f1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1737
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
content-type: text/html; charset=UTF-8
date: Tue, 21 May 2024 09:07:58 GMT
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Fri, 17 May 2024 14:56:13 GMT
onion-location: https://account.protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion
pragma: no-cache
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 public.d4e60187.css
starbucks-greenaprons.cfd/assets/ 272 KB
45 KB 495ms
489ms Stylesheet
text/css 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/public.d4e60187.css?v=5.0.124.1

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

635556a5aa27d1037a49efae2616898b223c854481742f9fe6e56f0d65b33d7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 45152
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
etag: "44118-618a78d825d40-gzip"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: text/css
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes

GET
H2 200 runtime.494d42dc.js Show response
starbucks-greenaprons.cfd/assets/ 29 KB
16 KB 553ms
547ms Script
application/javascript 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/runtime.494d42dc.js?v=5.0.124.1

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

092bb951aea53f63a28f20d28c70790f805856ac97132dcbe0e1eb1522cb2d1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Origin: https://starbucks-greenaprons.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15323
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
etag: "75db-618a78d825d40-gzip"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes

GET
H2 200 pre.1fde470a.js Show response
starbucks-greenaprons.cfd/assets/ 828 B
2 KB 538ms
537ms Script
application/javascript 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/pre.1fde470a.js?v=5.0.124.1

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

b26391fce31c88028e54dd0487d3eba9fbe2d652029839b0a386b584ef86a333

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Origin: https://starbucks-greenaprons.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 478
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
etag: "33c-618a78d825d40-gzip"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes

GET
H2 200 public.f02fce13.js Show response
starbucks-greenaprons.cfd/assets/ 4 MB
884 KB 565ms
565ms Script
application/javascript 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/public.f02fce13.js?v=5.0.124.1

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

af2d054ed8f7dd986cef6f33ebe22c69468f7485811b8a593ab7f779c97ab868

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Origin: https://starbucks-greenaprons.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
etag: "3ba535-618a78d825d40-gzip"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes

GET
H2 200 unsupported.b7f6e86d.js Show response
starbucks-greenaprons.cfd/assets/ 8 KB
4 KB 480ms
480ms Script
application/javascript 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/unsupported.b7f6e86d.js?v=5.0.124.1

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

088809113280613781a4a8b88ec5992cb27d5adca7a86fe2a0ae0518ee360c5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Origin: https://starbucks-greenaprons.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3366
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
etag: "1f8c-618a78d825d40-gzip"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cfdbcf80c99a2666e810de78f93932251c3a30ddec9bec29d5087bd7047af31

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 InterVariable.a0e477f2f1f9d2376fde.woff2
starbucks-greenaprons.cfd/assets/ 337 KB
339 KB 509ms
509ms Font
font/woff2 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/InterVariable.a0e477f2f1f9d2376fde.woff2?v=5.0.124.1

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/public.d4e60187.css?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/assets/public.d4e60187.css?v=5.0.124.1
Origin: https://starbucks-greenaprons.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:00 GMT
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: "545f4-618a78d825d40"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type: font/woff2
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes
content-length: 345588
x-xss-protection: 0

GET
H2 200 en-US.6a464fb1.chunk.js Show response
starbucks-greenaprons.cfd/assets/date-fns/ 9 KB
4 KB 483ms
483ms Script
application/javascript 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/date-fns/en-US.6a464fb1.chunk.js?v=5.0.124.1

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/runtime.494d42dc.js?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

61f87eccca388b6f062364bc12ba787cbd4fc9aa52b6c7163963b677936b03ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Origin: https://starbucks-greenaprons.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2647
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
etag: "2347-618a78d825d40-gzip"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes

GET
H2 200 favicon.85478299dafc69454be0.svg
starbucks-greenaprons.cfd/assets/ 1 KB
2 KB 483ms
483ms Other
image/svg+xml 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/favicon.85478299dafc69454be0.svg?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

e599e9db5cb154d9e98f8205cf02bea37fdcf39cccfde17c87ef8fa183342838

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
server: nginx/1.24.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: image/svg+xml
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
x-permitted-cross-domain-policies: none
accept-ranges: bytes
content-length: 494
x-xss-protection: 0

GET
H2 200 crypto-worker.e8455937.chunk.js
starbucks-greenaprons.cfd/assets/ 503 KB
159 KB 534ms
534ms Other
application/javascript 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/crypto-worker.e8455937.chunk.js?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

7fa3d793199af3dfe0e4524b19a31a26f113dab513420ed36d85d853b17e625e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
etag: "7da1b-618a78d825d40-gzip"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes

GET
H2 200 favicon.ico
starbucks-greenaprons.cfd/assets/ 33 KB
34 KB 522ms
522ms Other
image/vnd.microsoft.icon 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

b14b9633f3e695331dd486d257ba034ae6b807c950ea52c37ac37432982ec853

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:01 GMT
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: "821e-618a78d825d40"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type: image/vnd.microsoft.icon
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes
content-length: 33310
x-xss-protection: 0

GET
H2 200 crypto-worker.e8455937.chunk.js
starbucks-greenaprons.cfd/assets/ 503 KB
159 KB 563ms
562ms Other
application/javascript 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/crypto-worker.e8455937.chunk.js?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

7fa3d793199af3dfe0e4524b19a31a26f113dab513420ed36d85d853b17e625e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 May 2024 14:56:13 GMT
server: nginx/1.24.0
etag: "7da1b-618a78d825d40-gzip"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes

POST
H2 200 csp
reports.proton.me/reports/ 0
201 B 86ms
27ms Other
text/plain 185.70.42.11
PROTON

General

Check archive.org

Show headers Download Go to

Full URL

https://reports.proton.me/reports/csp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.70.42.11 , Switzerland, ASN62371 (PROTON, CH),

Reverse DNS

185-70-42-11.protonmail.ch

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A2D9 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A2D9 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A2D9 155 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 sessions Show response
starbucks-greenaprons.cfd/api/auth/v4/ 198 B
1 KB 581ms
580ms Fetch
application/json 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/api/auth/v4/sessions

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/public.f02fce13.js?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

a6186807ed3da5329dc01605fb83020f30a6160f4dac23bdd28c3587254868dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-pm-locale: en_US
accept: application/vnd.protonmail.v1+json
x-enforce-unauthsession: true
Referer: https://starbucks-greenaprons.cfd/
x-pm-appversion: web-account@5.0.124.1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
access: application/vnd.protonmail.api+json;apiversion=4
content-length: 183
x-xss-protection: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/json
upgrade: h2
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
expires: -1

POST
H2 200 cookies Show response
starbucks-greenaprons.cfd/api/core/v4/auth/ 85 B
2 KB 817ms
816ms Fetch
application/json 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/api/core/v4/auth/cookies

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/public.f02fce13.js?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

0d4fae7ed4f47ab2f0322bb54aa5be757beb061942825b08b7f7d44151971114

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer godagy6sjfia6u5yxtrscdupylb3ait2
x-pm-locale: en_US
x-pm-uid: 4gbiklqtgelrqywl75naonnnqpnstlbt
Content-Type: application/json
accept: application/vnd.protonmail.v1+json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://starbucks-greenaprons.cfd/
x-pm-appversion: web-account@5.0.124.1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
access: application/vnd.protonmail.api+json;apiversion=4
content-length: 101
x-xss-protection: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/json
upgrade: h2
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
expires: -1

GET
H2 200 frontend Show response
starbucks-greenaprons.cfd/api/feature/v2/ 4 KB
2 KB 679ms
678ms Fetch
application/json 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/api/feature/v2/frontend?sessionId=880089749&appName=-&environment=default

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/public.f02fce13.js?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

2c4ddef9abf6ffe939f08fc2bb35e029322454f8736ae297901c36115a9d87c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: -
x-pm-locale: en_US
x-pm-uid: 4gbiklqtgelrqywl75naonnnqpnstlbt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept: application/vnd.protonmail.v1+json, application/json
Referer: https://starbucks-greenaprons.cfd/
x-pm-appversion: web-account@5.0.124.1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
access: application/vnd.protonmail.api+json;apiversion=2
content-length: 549
x-xss-protection: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/json
upgrade: h2
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
expires: -1

GET
H2 200 host.png
account.proton.me/assets/ 42 B
1 KB 151ms
37ms Image
image/png 185.70.42.36

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.proton.me/assets/host.png

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/public.d4e60187.css?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.70.42.36 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:06:49 GMT
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 17 May 2024 14:56:13 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
age: 75
etag: "2a-618a78d825d40"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type: image/png
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes
content-length: 42
x-xss-protection: 0

GET
H2 200 %68%6f%73%74.%70%6e%67
account.proton.me/%61%73%73%65%74%73/ 42 B
1 KB 151ms
39ms Image
image/png 185.70.42.36

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.proton.me/%61%73%73%65%74%73/%68%6f%73%74.%70%6e%67

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/public.d4e60187.css?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.70.42.36 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:01:05 GMT
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 17 May 2024 14:56:13 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
age: 419
etag: "2a-618a78d825d40"
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
content-type: image/png
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
accept-ranges: bytes
content-length: 42
x-xss-protection: 0

GET
H2 200 available Show response
starbucks-greenaprons.cfd/api/domains/ 54 B
1 KB 620ms
620ms Fetch
application/json 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/api/domains/available?Type=login

Requested by

Host: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/public.f02fce13.js?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

3ba9fce180e0a7fe534adb72b6fc0240bbf47de8eebc5daaf4b66eeca712a434

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-pm-locale: en_US
x-pm-uid: 4gbiklqtgelrqywl75naonnnqpnstlbt
accept: application/vnd.protonmail.v1+json
Referer: https://starbucks-greenaprons.cfd/login
x-pm-appversion: web-account@5.0.124.1
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
access: application/vnd.protonmail.api+json;apiversion=3
content-length: 67
x-xss-protection: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: application/json
upgrade: h2
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
expires: -1

GET
H2 200 favicon.85478299dafc69454be0.svg
starbucks-greenaprons.cfd/assets/ 1 KB
2 KB 495ms
495ms Other
image/svg+xml 194.213.18.160
Global ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://starbucks-greenaprons.cfd/assets/favicon.85478299dafc69454be0.svg?v=5.0.124.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.213.18.160 Ashburn, United States, ASN62240 (CLOUVIDER Clouvider - Global ASN, GB),

Reverse DNS

metropolassetsmanagers.online

Software

nginx/1.24.0 /

Resource Hash

e599e9db5cb154d9e98f8205cf02bea37fdcf39cccfde17c87ef8fa183342838

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://starbucks-greenaprons.cfd/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 09:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
server: nginx/1.24.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=2592000, enforce, report-uri="https://reports.proton.me/reports/tls"
vary: Accept-Encoding
content-type: image/svg+xml
public-key-pins-report-only: pin-sha256="CT56BhOTmj5ZIPgb/xD5mH8rY3BLo/MlhP7oPyJUEDo="; pin-sha256="35Dx28/uzN3LeltkCBQ8RHK0tlNSa2kCpCRGNp34Gxc="; report-uri="https://reports.proton.me/reports/tls"
x-permitted-cross-domain-policies: none
accept-ranges: bytes
content-length: 494
x-xss-protection: 0

POST
H2 200 csp
reports.proton.me/reports/ 0
200 B 32ms
32ms Other
text/plain 185.70.42.11
PROTON

General

Check archive.org

Show headers Download Go to

Full URL

https://reports.proton.me/reports/csp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.70.42.11 , Switzerland, ASN62371 (PROTON, CH),

Reverse DNS

185-70-42-11.protonmail.ch

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://starbucks-greenaprons.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6BEA 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6BEA 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6BEA 155 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET favicon.ico
starbucks-greenaprons.cfd/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: starbucks-greenaprons.cfd
URL: https://starbucks-greenaprons.cfd/assets/favicon.ico

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
starbucks-greenaprons.cfd/api/auth/refresh	1969-12-31 23:59:59	Name: REFRESH-4gbiklqtgelrqywl75naonnnqpnstlbt Value: %7B%22ResponseType%22%3A%22token%22%2C%22ClientID%22%3A%22WebAccount%22%2C%22GrantType%22%3A%22refresh_token%22%2C%22RefreshToken%22%3A%22scvlna2t47yumf63s2g3jqofr7jgz66w%22%2C%22UID%22%3A%224gbiklqtgelrqywl75naonnnqpnstlbt%22%2C%22RedirectURI%22%3A%22https%3A%5C%2F%5C%2Fmail.proton.me%22%7D
starbucks-greenaprons.cfd/api/	1969-12-31 23:59:59	Name: AUTH-4gbiklqtgelrqywl75naonnnqpnstlbt Value: z42tmzu72v3d5xwolxckxy6anidp5hhe
starbucks-greenaprons.cfd/	1970-01-20 22:54:18	Name: Tag Value: default
starbucks-greenaprons.cfd/	1970-01-20 22:54:18	Name: Domain Value: proton.me

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://starbucks-greenaprons.cfd/assets/public.f02fce13.js?v=5.0.124.1(Line 120) Message: Refused to frame 'https://starbucks-greenaprons-api.cfd/' because it violates the following Content Security Policy directive: "frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me".
security	error	URL: https://starbucks-greenaprons.cfd/assets/public.f02fce13.js?v=5.0.124.1(Line 120) Message: Refused to frame 'https://starbucks-greenaprons-api.cfd/' because it violates the following Content Security Policy directive: "frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me".
other	warning	URL: https://starbucks-greenaprons.cfd/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://starbucks-greenaprons.cfd/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://starbucks-greenaprons.cfd/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://starbucks-greenaprons.cfd/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' blob: https://proton.me https://*.protonmail.com; script-src 'self' 'wasm-unsafe-eval' blob: 'sha256-eAhF1Kdccp0BTXM6nMW7SYBdV0c3fZwzcC177TQ692g='; style-src 'self' 'unsafe-inline'; img-src http: https: data: blob: cid:; frame-src 'self' blob: data: https://www.youtube-nocookie.com https://account-api.proton.me; object-src 'self' blob:; child-src 'self' data: blob:; report-uri https://reports.proton.me/reports/csp; frame-ancestors https://verify.proton.me https://mail.proton.me https://calendar.proton.me https://drive.proton.me https://account-api.proton.me;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.proton.me
reports.proton.me
starbucks-greenaprons.cfd
starbucks-greenaprons.cfd
185.70.42.11
185.70.42.36
194.213.18.160
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
088809113280613781a4a8b88ec5992cb27d5adca7a86fe2a0ae0518ee360c5f
092bb951aea53f63a28f20d28c70790f805856ac97132dcbe0e1eb1522cb2d1c
0d4fae7ed4f47ab2f0322bb54aa5be757beb061942825b08b7f7d44151971114
2c4ddef9abf6ffe939f08fc2bb35e029322454f8736ae297901c36115a9d87c9
3ba9fce180e0a7fe534adb72b6fc0240bbf47de8eebc5daaf4b66eeca712a434
581b4c3d8d9f7f2fe4b8f4c966a148e12d5a4e3b266fda03476f44f0d7bc1f1c
61f87eccca388b6f062364bc12ba787cbd4fc9aa52b6c7163963b677936b03ba
635556a5aa27d1037a49efae2616898b223c854481742f9fe6e56f0d65b33d7d
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
7cfdbcf80c99a2666e810de78f93932251c3a30ddec9bec29d5087bd7047af31
7fa3d793199af3dfe0e4524b19a31a26f113dab513420ed36d85d853b17e625e
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
a6186807ed3da5329dc01605fb83020f30a6160f4dac23bdd28c3587254868dd
af2d054ed8f7dd986cef6f33ebe22c69468f7485811b8a593ab7f779c97ab868
b14b9633f3e695331dd486d257ba034ae6b807c950ea52c37ac37432982ec853
b26391fce31c88028e54dd0487d3eba9fbe2d652029839b0a386b584ef86a333
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e599e9db5cb154d9e98f8205cf02bea37fdcf39cccfde17c87ef8fa183342838
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

starbucks-greenaprons.cfd Open in urlscan Pro 194.213.18.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

22 Requests

18 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

4 IPs

2 Countries

1661 kBTransfer

5542 kBSize

4 Cookies

4 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

starbucks-greenaprons.cfd Open in urlscan Pro
194.213.18.160 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

18 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

1661 kB
Transfer

5542 kB
Size

4
Cookies

22 HTTP transactions
7 data transactions