Overview

URL urldefense.com/v3/__https://starbucks.cashstar.com/gift-card/view/udRe6EP6dCGgpbG2bEyedxb1K/david.klungle*40spectrumhealth.org/__;JQ!!DQv46r5x2oY!My4Ect-AGTBu63aUklX8cQMmajm6kmsRmqFUIualXfoCY-B85yP3gewzy0VPdWu0coM6EiJvcET3aAXsGkfOpeBLZfOg8LVoMV_O$
IP52.71.28.102
ASNAMAZON-AES
Location United States
Report completed2022-09-28 12:10:01 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS starbucks.cashstar.com (1) 154946 2013-01-01 04:04:54 UTC 2022-09-28 00:02:18 UTC 151.101.85.24
mnemonic passive DNS consent.trustarc.com (4) 3323 2019-10-09 03:21:35 UTC 2022-09-28 11:03:01 UTC 143.204.55.80
mnemonic passive DNS client-api.arkoselabs.com (19) 14767 2019-03-01 20:59:26 UTC 2022-09-28 06:08:07 UTC 172.64.145.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-28 05:13:47 UTC 143.204.55.35
mnemonic passive DNS urldefense.com (1) 61470 2015-04-27 16:20:15 UTC 2022-09-28 08:10:44 UTC 52.71.28.102
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-28 07:11:36 UTC 142.250.74.164
mnemonic passive DNS mpsnare.iesnare.com (2) 5723 2016-04-10 11:13:26 UTC 2022-09-28 09:55:34 UTC 54.195.39.4
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-28 08:06:38 UTC 34.120.237.76
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-28 07:07:41 UTC 104.18.32.68
mnemonic passive DNS s3static.cashstar.com (11) 113103 2018-05-03 16:08:52 UTC 2022-09-20 23:50:02 UTC 151.101.84.138
mnemonic passive DNS cdn.ravenjs.com (1) 7146 2014-11-09 03:14:33 UTC 2022-09-28 11:04:43 UTC 151.101.2.217
mnemonic passive DNS fonts.gstatic.com (9) 0 2014-08-29 13:43:22 UTC 2022-09-28 04:36:33 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-28 07:43:30 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 11:00:28 UTC 143.204.55.36
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-28 08:57:43 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 54.148.77.40
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 52.71.28.102

Date UQ / IDS / BL URL IP
2022-11-30 18:09:55 +0000
0 - 0 - 0 urldefense.com/v3/__https://hello.coupa.com/a (...) 52.71.28.102
2022-11-17 20:51:17 +0000
1 - 0 - 0 urldefense.com/v3/__https:/docs.google.com/do (...) 52.71.28.102
2022-11-11 17:09:50 +0000
0 - 0 - 0 urldefense.com/v3/__https://t.rdsv1.net/ls/cl (...) 52.71.28.102
2022-11-10 20:46:10 +0000
0 - 0 - 0 urldefense.com/v3/__https:/temenos.zoom.us/re (...) 52.71.28.102
2022-11-09 03:47:41 +0000
0 - 0 - 4 urldefense.com/v3/__https:/review.docsign-onl (...) 52.71.28.102

Last 5 reports on ASN: AMAZON-AES

Date UQ / IDS / BL URL IP
2022-12-08 09:09:39 +0000
0 - 0 - 1 setupspeedyhighlyinfo-file.info/ergQqluwDzoVG (...) 3.226.146.143
2022-12-08 09:02:54 +0000
0 - 0 - 1 setupsophisticatedhighlyinfo-file.info/_L7PX3 (...) 3.226.146.143
2022-12-08 08:56:32 +0000
0 - 0 - 1 w1.msssev.com/prod/bc3453c4-2703-4503-957a-a2 (...) 35.169.203.233
2022-12-08 08:55:34 +0000
0 - 0 - 11 www.vongquay88.com/ 3.226.182.14
2022-12-08 08:55:15 +0000
0 - 0 - 4 networkcuratednetworkmoting.com/17994-125561/ (...) 54.157.54.92

Last 5 reports on domain: urldefense.com

Date UQ / IDS / BL URL IP
2022-12-06 06:16:51 +0000
0 - 0 - 132 urldefense.com/v3/__https:/tinyurl.com/yvxs84 (...) 52.204.90.22
2022-12-02 03:26:56 +0000
0 - 0 - 0 urldefense.com/v3/__https://bit.ly/3UGeNAg__; (...) 52.6.56.188
2022-11-30 18:09:55 +0000
0 - 0 - 0 urldefense.com/v3/__https://hello.coupa.com/a (...) 52.71.28.102
2022-11-29 17:31:11 +0000
0 - 0 - 0 urldefense.com/v3/__https://sites.google.com/ (...) 52.204.90.22
2022-11-27 00:17:26 +0000
0 - 0 - 29 urldefense.com/v3/__https:/tinyurl.com/cdk4aw (...) 52.204.90.22

No other reports with similar screenshot



JavaScript

Executed Scripts (41)


Executed Evals (10)

#1 JavaScript::Eval (size: 19, repeated: 1) - SHA256: 792745ad43c15402f5f3c18308ac895b24eabecae9dc97688ae5c3bc2f9dc0ea

                                        "foobar" [3] === "b"
                                    

#2 JavaScript::Eval (size: 62, repeated: 1) - SHA256: 9a40ef33f7700831131770a8048c5a08faa312d7311fc2c6ced1909ea6e458ce

                                        0,
function(J, h, S) {
    S = (h = (S = W(J), W)(J), J.o)[S] && N(J, S), D(J, h, S)
}
                                    

#3 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 845bc9957ec796475679312f3549c5361bebc0f9b442b665e40112f60f403a7a

                                        ({set x(v) {
        value = v;
    }
}).x = 1
                                    

#4 JavaScript::Eval (size: 17, repeated: 1) - SHA256: e101f44d5da7e166f0a9983225746d27fb641fcb101741f213f7ef8870aba5f0

                                        obj = ({
    if :1
})
                                    

#5 JavaScript::Eval (size: 22, repeated: 1) - SHA256: d651a2902f113132877a12117727707b1031e8f12615f8a3a0ad138ea5eb79ea

                                        0,
function(J) {
    WO(J, 2)
}
                                    

#6 JavaScript::Eval (size: 33, repeated: 1) - SHA256: f9915148c8219064ee261b4c1e8358fe9647ab3191f761c7c9633027c529219e

                                        ({get x() {
        return 1
    }
}).x === 1
                                    

#7 JavaScript::Eval (size: 15552, repeated: 1) - SHA256: b7bb0c5ac33ab436c5fe975360ef1af5f66987c6c8bf5c0569e749197b16ecaa

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var c = function(E) {
            return E
        },
        h = this || self,
        L = function(E, R) {
            if (R = (E = h.trustedTypes, null), !E || !E.createPolicy) return R;
            try {
                R = E.createPolicy("bg", {
                    createHTML: c,
                    createScript: c,
                    createScriptURL: c
                })
            } catch (J) {
                h.console && h.console.error(J.message)
            }
            return R
        };
    (0, eval)(function(E, R) {
        return (R = L()) && 1 === E.eval(R.createScript("1")) ? function(J) {
            return R.createScript(J)
        } : function(J) {
            return "" + J
        }
    }(h)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var R4=function(E,R,c,L,O,J){function h(){if(E.A==E){if(E.o){var S=[C,R,c,void 0,O,J,arguments];if(2==L)var q=a(false,false,(K(S,E),E));else if(1==L){var r=!E.j.length;K(S,E),r&&a(false,false,E)}else q=EI(E,S);return q}O&&J&&O.removeEventListener(J,h,u)}}return h},J_=function(E,R,c,L){function O(){}return{invoke:(L=sI(E,(c=void 0,function(J){O&&(R&&Y(R),c=J,O(),O=void 0)}),!!R)[0],function(J,h,S,q){function r(){c(function(A){Y(function(){J(A)})},S)}if(!h)return h=L(S),J&&J(h),h;c?r():(q=O,O=function(){Y((q(),r))})})}},D=function(E,R,c){if(260==R||63==R)E.o[R]?E.o[R].concat(c):E.o[R]=cO(E,c);else{if(E.l&&174!=R)return;139==R||279==R||115==R||108==R||485==R?E.o[R]||(E.o[R]=h_(134,c,R,E)):E.o[R]=h_(17,c,R,E)}174==R&&(E.S=e(32,E,false),E.X=void 0)},l=function(E,R){R.h=((R.h?R.h+"~":"E:")+E.message+":"+E.stack).slice(0,2048)},Sy=function(E,R,c,L){try{L=E[((R|0)+2)%3],E[R]=(E[R]|0)-(E[((R|0)+1)%3]|0)-(L|0)^(1==R?L<<c:L>>>c)}catch(O){throw O;}},OI=function(E,R){return R(function(c){c(E)}),[function(){return E}]},q0=function(E,R,c){return E.u(function(L){c=L},false,R),c},CU=function(E,R,c,L,O){(L=N((c=W((L=(E&=(O=E&4,3),W(R)),R)),R),L),O&&(L=rm(""+L)),E)&&B(c,X(L.length,2),R),B(c,L,R)},W=function(E,R){if(E.W)return KU(E.Z,E);return(R=e(8,E,true),R&128)&&(R^=128,E=e(2,E,true),R=(R<<2)+(E|0)),R},m=function(E,R,c){c=this;try{a4(this,R,E)}catch(L){l(L,this),R(function(O){O(c.h)})}},A_=function(E,R,c,L,O){for(R=(L=R[O=0,3]|0,R[2]|0);14>O;O++)c=c>>>8|c<<24,L=L>>>8|L<<24,c+=E|0,E=E<<3|E>>>29,c^=R+1890,L+=R|0,L^=O+1890,R=R<<3|R>>>29,E^=c,R^=L;return[E>>>24&255,E>>>16&255,E>>>8&255,E>>>0&255,c>>>24&255,c>>>16&255,c>>>8&255,c>>>0&255]},uN=function(E,R){D(R,260,((R.hh.push(R.o.slice()),R).o[260]=void 0,E))},Z=function(E,R){for(R=[];E--;)R.push(255*Math.random()|0);return R},sI=function(E,R,c,L){return(L=y[E.substring(0,3)+"_"])?L(E.substring(3),R,c):OI(E,R)},cO=function(E,R,c){return(c=g[E.U](E.sl),c[E.U]=function(){return R},c).concat=function(L){R=L},c},iN=function(E,R){((R.push(E[0]<<24|E[1]<<16|E[2]<<8|E[3]),R).push(E[4]<<24|E[5]<<16|E[6]<<8|E[7]),R).push(E[8]<<24|E[9]<<16|E[10]<<8|E[11])},X=function(E,R,c,L){for(c=(L=[],R|0)-1;0<=c;c--)L[(R|0)-1-(c|0)]=E>>8*c&255;return L},nU=function(E,R,c,L){L=(c=W(E),W(E)),B(L,X(N(E,c),R),E)},TT=function(E,R,c,L){for(;R.j.length;){c=(R.G=null,R.j.pop());try{L=EI(R,c)}catch(O){l(O,R)}if(E&&R.G){(E=R.G,E)(function(){a(true,true,R)});break}}return L},wm=function(E,R){return g[E](g.prototype,{parent:R,propertyIsEnumerable:R,prototype:R,console:R,floor:R,document:R,splice:R,replace:R,call:R,pop:R,length:R,stack:R})},h_=function(E,R,c,L,O,J,h,S){return h=g[L.U]((J=(R=[51,27,-23,78,28,-90,(O=Y1,R),37,-90,16],E&7),L).Ah),h[L.U]=function(q){J+=(S=q,6)+7*E,J&=7},h.concat=function(q){return(q=(q=c%16+1,5)*c*c*q- -1972*S-918*c*S+J+34*S*S+(O()|0)*q-q*S+R[J+35&7]*c*q-170*c*c*S,q=R[q],S=void 0,R)[(J+61&7)+(E&2)]=q,R[J+(E&2)]=27,q},h},a=function(E,R,c,L,O,J){if(c.j.length){c.qN=(c.i&&0(),E),c.i=true;try{O=c.K(),c.I=O,c.H=0,c.B=O,L=TT(E,c),J=c.K()-c.I,c.Y+=J,J<(R?0:10)||0>=c.L--||(J=Math.floor(J),c.N.push(254>=J?J:254))}finally{c.i=false}return L}},pU=function(E,R){if(R=(E=null,x).trustedTypes,!R||!R.createPolicy)return E;try{E=R.createPolicy("bg",{createHTML:zT,createScript:zT,createScriptURL:zT})}catch(c){x.console&&x.console.error(c.message)}return E},K=function(E,R){R.j.splice(0,0,E)},a4=function(E,R,c,L,O){for(L=(O=((E.Ah=((E.yp=D8,E).pz=ey,E.XL=E[P],wm)(E.U,{get:function(){return this.concat()}}),E).sl=g[E.U](E.Ah,{value:{value:{}}}),[]),0);128>L;L++)O[L]=String.fromCharCode(L);((K([(V(348,E,(V((V(390,E,((V(461,((V(452,E,(V(249,E,(V(364,(V((V(164,(V(188,((V(234,E,(D(E,139,[160,0,(D(E,115,(D(E,279,(V(69,E,(V((V(61,(V(141,(D(E,(E.eG=(D(E,(V((D((V(437,(D(E,485,(D(E,(V(229,E,(D(E,((D(E,408,(V(200,(V(402,E,(V(236,E,(D(E,(V(214,E,(V(0,((V(23,(D(E,293,(D(E,(D(E,260,(E.Kz=(E.WF=(E.g=((E.h=(E.P=[],void 0),E.X=void 0,E).W=void 0,E.T=(E.v=(E.C=1,E.Y=0,8001),0),(E.B=0,E).L=(E.A=E,E.o=[],E.F=[],(E.H=void 0,E).N=[],(E.qN=false,E.Z=void 0,E.G=null,E).S=void 0,(E.j=[],E.O=void 0,E).l=((E.ZX=0,E).s=0,L=(E.I=0,window.performance||{}),false),E.hh=[],25),0),function(J){this.A=J}),E.i=false,L.timeOrigin||(L.timing||{}).navigationStart||0),0)),63),0),E)),E),function(J,h,S,q,r,A,n){for(q=(h=N(J,(n=(A=W(J),r=vO(J),""),224)),h.length),S=0;r--;)S=((S|0)+(vO(J)|0))%q,n+=O[h[S]];D(J,A,n)}),V)(406,E,function(J){CU(3,J)}),E),function(J,h,S,q){D(J,(S=(h=W(J),W(J)),q=W(J),q),N(J,h)||N(J,S))}),function(){})),21),0),function(J,h,S,q){D(J,(S=N(J,(q=N(J,(h=(q=(S=W(J),W(J)),W(J)),q)),S)),h),S in q|0)})),function(J,h,S){0!=N(J,(h=N(J,(h=W((S=W(J),J)),h)),S))&&D(J,260,h)})),E),function(J){CU(4,J)}),2048)),V)(128,E,function(J,h,S){(h=N(J,(S=(h=W(J),W(J)),h)),h=t_(h),D)(J,S,h)}),207),467),function(J,h,S,q){S=(h=I((q=W(J),J)),W(J)),D(J,S,N(J,q)>>>h)})),416),x),[0,0,0])),E),function(J,h,S,q){D(J,(S=(h=(q=(h=W(J),W(J)),N(J,h)),N(J,q)),q),S+h)}),E),108,[]),317),E,function(J,h,S,q,r,A,n,z,T,v,w,p){function H(t,Q){for(;r<t;)p|=I(J)<<r,r+=8;return Q=(r-=t,p)&(1<<t)-1,p>>=t,Q}for(p=(n=W(J),r=0),T=(H(3)|0)+1,S=H(5),h=[],q=w=0;w<S;w++)z=H(1),h.push(z),q+=z?0:1;for(v=(q=(w=((q|0)-1).toString(2).length,0),[]);q<S;q++)h[q]||(v[q]=H(w));for(w=0;w<S;w++)h[w]&&(v[w]=W(J));for(A=[];T--;)A.push(N(J,W(J)));V(n,J,function(t,Q,d,k,LU){for(Q=(LU=(d=[],[]),0);Q<S;Q++){if(!h[k=v[Q],Q]){for(;k>=d.length;)d.push(W(t));k=d[k]}LU.push(k)}t.Z=cO(t,(t.W=cO(t,A.slice()),LU))})}),446),{}),0),278),0),E),function(J){nU(J,4)}),E),function(J,h,S,q){D(J,(q=(S=N(J,(q=(S=W(J),W(J)),h=W(J),S)),N)(J,q),h),+(S==q))}),409),E,function(J,h){(J=N((h=W(J),J.A),h),J[0]).removeEventListener(J[1],J[2],u)}),function(J,h,S,q,r){for(r=(S=(q=vO((h=W(J),J)),0),[]);S<q;S++)r.push(I(J));D(J,h,r)})),Z(4))),[])),0)]),function(J,h,S,q){(h=(S=W(J),W(J)),q=W(J),J.A==J)&&(q=N(J,q),h=N(J,h),N(J,S)[h]=q,174==S&&(J.X=void 0,2==h&&(J.S=e(32,J,false),J.X=void 0)))})),V)(209,E,function(J,h,S){D(J,(S=(h=W(J),W)(J),S),""+N(J,h))}),E),function(J,h,S,q,r){h=N(J,(r=(S=N((r=(h=(q=W(J),W(J)),W(J)),S=W(J),J),S),q=N(J.A,q),N(J,r)),h)),0!==q&&(S=R4(J,r,S,1,q,h),q.addEventListener(h,S,u),D(J,21,[q,h,S]))}),E),function(J){nU(J,1)}),225),E,function(J,h,S,q,r,A){G(h,J,false,true)||(q=N0(J.A),h=q.R,S=q.oe,A=q.D,r=A.length,q=q.El,h=0==r?new S[h]:1==r?new S[h](A[0]):2==r?new S[h](A[0],A[1]):3==r?new S[h](A[0],A[1],A[2]):4==r?new S[h](A[0],A[1],A[2],A[3]):2(),D(J,q,h))}),E.ae=0,E),function(J,h,S){G(h,J,false,true)||(h=W(J),S=W(J),D(J,S,function(q){return eval(q)}(lN(N(J.A,h)))))}),function(J,h){h=N(J,W(J)),uN(h,J.A)})),function(J,h,S,q,r,A){if(!G(h,J,true,true)){if("object"==t_((A=(h=N((q=W((A=(r=W((h=W(J),J)),W(J)),J)),J),h),r=N(J,r),N(J,A)),J=N(J,q),h))){for(S in q=[],h)q.push(S);h=q}for(A=0<A?A:1,S=0,q=h.length;S<q;S+=A)r(h.slice(S,(S|0)+(A|0)),J)}})),E).kt=0,E),function(J){WO(J,4)}),V)(252,E,function(J,h,S,q,r){S=N(J,(q=N(J,(r=N(J,(q=(r=(S=(h=W(J),W(J)),W(J)),W(J)),r)),q)),S)),D(J,h,R4(J,S,r,q))}),function(J,h,S,q){!G(h,J,false,true)&&(h=N0(J),S=h.R,q=h.oe,J.A==J||S==J.WF&&q==J)&&(D(J,h.El,S.apply(q,h.D)),J.B=J.K())})),447),E,function(J,h,S,q){if(S=J.hh.pop()){for(q=I(J);0<q;q--)h=W(J),S[h]=J.o[h];((S[108]=J.o[108],S)[408]=J.o[408],J).o=S}else D(J,260,J.s)}),function(J,h,S,q){h=(S=N(J,(q=W((h=(S=W(J),W(J)),J)),S)),N(J,h)),D(J,q,S[h])})),QE)],E),K)([M,c],E),K)([BO,R],E),a(true,true,E)},rm=function(E,R,c,L,O){for(O=(E=E.replace(/\\r\\n/g,"\\n"),[]),R=L=0;L<E.length;L++)c=E.charCodeAt(L),128>c?O[R++]=c:(2048>c?O[R++]=c>>6|192:(55296==(c&64512)&&L+1<E.length&&56320==(E.charCodeAt(L+1)&64512)?(c=65536+((c&1023)<<10)+(E.charCodeAt(++L)&1023),O[R++]=c>>18|240,O[R++]=c>>12&63|128):O[R++]=c>>12|224,O[R++]=c>>6&63|128),O[R++]=c&63|128);return O},x=this||self,e=function(E,R,c,L,O,J,h,S,q,r,A,n,z,T){if((S=N(R,260),S)>=R.s)throw[f,31];for(L=(J=0,R.XL.length),h=E,n=S;0<h;)T=n>>3,r=n%8,q=R.F[T],O=8-(r|0),O=O<h?O:h,c&&(z=R,z.X!=n>>6&&(z.X=n>>6,A=N(z,174),z.O=A_(z.S,[0,0,A[1],A[2]],z.X)),q^=R.O[T&L]),n+=O,J|=(q>>8-(r|0)-(O|0)&(1<<O)-1)<<(h|0)-(O|0),h-=O;return D(R,260,(c=J,(S|0)+(E|0))),c},Xf=function(E,R,c){if(3==E.length){for(c=0;3>c;c++)R[c]+=E[c];for(c=(E=[13,8,13,12,16,5,3,10,15],0);9>c;c++)R[3](R,c%3,E[c])}},t_=function(E,R,c){if("object"==(c=typeof E,c))if(E){if(E instanceof Array)return"array";if(E instanceof Object)return c;if("[object Window]"==(R=Object.prototype.toString.call(E),R))return"object";if("[object Array]"==R||"number"==typeof E.length&&"undefined"!=typeof E.splice&&"undefined"!=typeof E.propertyIsEnumerable&&!E.propertyIsEnumerable("splice"))return"array";if("[object Function]"==R||"undefined"!=typeof E.call&&"undefined"!=typeof E.propertyIsEnumerable&&!E.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==c&&"undefined"==typeof E.call)return"object";return c},G=function(E,R,c,L,O,J,h,S,q){if((R.A=((q=(O=(h=(S=4==(J=(L||R.H++,0<R.g&&R.i&&R.qN&&1>=R.T)&&!R.W&&!R.G&&(!L||1<R.v-E)&&0==document.hidden,R.H))||J?R.K():R.B,h)-R.B,O)>>14,R.S)&&(R.S^=q*(O<<2)),q)||R.A,R.C+=q,S)||J)R.B=h,R.H=0;if(!J||h-R.I<R.g-(c?255:L?5:2))return false;return(c=N(R,(R.v=E,L?63:260)),D(R,260,R.s),R.j).push([m4,c,L?E+1:E]),R.G=Y,true},vO=function(E,R){return(R=I(E),R)&128&&(R=R&127|I(E)<<7),R},o4=function(E,R,c,L){return N(c,(D(c,260,(HO(((L=N(c,260),c.F&&L<c.s)?(D(c,260,c.s),uN(R,c)):D(c,260,R),E),c),L)),446))},b=function(E,R,c,L,O,J){if(!E.l){if(3<(c=N(((R=((J=void 0,c&&c[0]===f&&(J=c[2],R=c[1],c=void 0),O=N(E,108),0)==O.length&&(L=N(E,63)>>3,O.push(R,L>>8&255,L&255),void 0!=J&&O.push(J&255)),""),c)&&(c.message&&(R+=c.message),c.stack&&(R+=":"+c.stack)),E),408),c)){J=(R=(c-=((R=R.slice(0,(c|0)-3),R).length|0)+3,rm(R)),E.A),E.A=E;try{B(279,X(R.length,2).concat(R),E,9)}finally{E.A=J}}D(E,408,c)}},Z8=function(E,R){return R[E]<<24|R[(E|0)+1]<<16|R[(E|0)+2]<<8|R[(E|0)+3]},I=function(E){return E.W?KU(E.Z,E):e(8,E,true)},zT=function(E){return E},EI=function(E,R,c,L,O){if(L=R[0],L==F)E.L=25,E.V(R);else if(L==P){O=R[1];try{c=E.h||E.V(R)}catch(J){l(J,E),c=E.h}O(c)}else if(L==m4)E.V(R);else if(L==M)E.V(R);else if(L==BO){try{for(c=0;c<E.P.length;c++)try{O=E.P[c],O[0][O[1]](O[2])}catch(J){}}catch(J){}(0,(E.P=[],R)[1])(function(J,h){E.u(J,true,h)},function(J){K([yE],(J=!E.j.length,E)),J&&a(true,false,E)})}else{if(L==C)return c=R[2],D(E,433,R[6]),D(E,446,c),E.V(R);L==yE?(E.o=null,E.F=[],E.N=[]):L==QE&&"loading"===x.document.readyState&&(E.G=function(J,h){function S(){h||(h=true,J())}(x.document.addEventListener("DOMContentLoaded",S,(h=false,u)),x).addEventListener("load",S,u)})}},B=function(E,R,c,L,O,J){if(c.A==c)for(O=N(c,E),279==E?(E=function(h,S,q,r){if((r=(S=O.length,S|0)-4>>3,O).Ul!=r){q=[0,(r=(r<<3)-(O.Ul=r,4),0),J[1],J[2]];try{O.z$=A_(Z8(r,O),q,Z8((r|0)+4,O))}catch(A){throw A;}}O.push(O.z$[S&7]^h)},J=N(c,485)):E=function(h){O.push(h)},L&&E(L&255),c=0,L=R.length;c<L;c++)E(R[c])},Y=x.requestIdleCallback?function(E){requestIdleCallback(function(){E()},{timeout:4})}:x.setImmediate?function(E){setImmediate(E)}:function(E){setTimeout(E,0)},WO=function(E,R,c,L){for(c=(L=W(E),0);0<R;R--)c=c<<8|I(E);D(E,L,c)},V=function(E,R,c){D(R,E,c),c[QE]=2796},y,U,N=function(E,R){if((E=E.o[R],void 0)===E)throw[f,30,R];if(E.value)return E.create();return(E.create(5*R*R+27*R+-58),E).prototype},HO=function(E,R,c,L,O,J){if(!R.h){R.T++;try{for(O=(J=(c=R.s,void 0),0);--E;)try{if((L=void 0,R).W)J=KU(R.W,R);else{if(O=N(R,260),O>=c)break;J=N(R,(D(R,63,O),L=W(R),L))}G((J&&J[yE]&2048?J(R,E):b(R,0,[f,21,L]),E),R,false,false)}catch(h){N(R,207)?b(R,22,h):D(R,207,h)}if(!E){if(R.bG){HO((R.T--,188885615751),R);return}b(R,0,[f,33])}}catch(h){try{b(R,22,h)}catch(S){l(S,R)}}R.T--}},N0=function(E,R,c,L,O,J){for(c=(O=E[gm]||{},R=W(E),O.El=W(E),O.D=[],J=E.A==E?(I(E)|0)-1:1,L=W(E),0);c<J;c++)O.D.push(W(E));for(O.oe=N(E,L);J--;)O.D[J]=N(E,O.D[J]);return O.R=N(E,R),O},KU=function(E,R){return(E=E.create().shift(),R).W.create().length||R.Z.create().length||(R.Z=void 0,R.W=void 0),E},u={passive:true,capture:true},gm=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),BO=(m.prototype.bG=!(m.prototype.J="toString",1),[]),f=(m.prototype.mf=(m.prototype.Vp=void 0,void 0),{}),M=[],m4=[],F=[],yE=[],QE=[],P=[],C=[],Y1=((iN,Z,Sy,Xf,m.prototype).U="create",U=m.prototype,U.nz=function(E,R,c,L,O,J){for(O=(c=0,[]),J=0;J<E.length;J++)for(c+=R,L=L<<R|E[J];7<c;)c-=8,O.push(L>>c&255);return O},U.DX=function(E,R,c,L,O){for(L=O=0;L<E.length;L++)O+=E.charCodeAt(L),O+=O<<10,O^=O>>6;return(O=(E=(O+=O<<3,O^=O>>11,O+(O<<15)>>>0),new Number(E&(1<<R)-1)),O)[0]=(E>>>R)%c,O},void 0),g=f.constructor;(((U.K=(window.performance||{}).now?function(){return this.Kz+window.performance.now()}:function(){return+new Date},U.th=(U.dC=function(){return Math.floor(this.Y+(this.K()-this.I))},function(){return Math.floor(this.K())}),U).SG=function(E,R,c){return E^(R^=R<<13,R^=R>>17,(R=(R^R<<5)&c)||(R=1),R)},U).u=function(E,R,c,L,O){if(c="array"===t_(c)?c:[c],this.h)E(this.h);else try{O=[],L=!this.j.length,K([F,O,c],this),K([P,E,O],this),R&&!L||a(R,true,this)}catch(J){l(J,this),E(this.h)}},m.prototype).V=function(E,R){return R=(Y1=(E={},function(){return R==E?-58:-12}),{}),function(c,L,O,J,h,S,q,r,A,n,z,T,v,w,p){R=(n=R,E);try{if(S=c[0],S==M){z=c[1];try{for(h=(T=(p=[],atob(z)),v=0);v<T.length;v++)A=T.charCodeAt(v),255<A&&(p[h++]=A&255,A>>=8),p[h++]=A;D(this,(this.s=(this.F=p,this.F.length)<<3,174),[0,0,0])}catch(H){b(this,17,H);return}HO(8001,this)}else if(S==F)c[1].push(N(this,139).length,N(this,115).length,N(this,408),N(this,279).length),D(this,446,c[2]),this.o[479]&&o4(8001,N(this,479),this);else{if(S==P){this.A=(J=(O=X(((p=c[2],N(this,139).length)|0)+2,2),this.A),this);try{r=N(this,108),0<r.length&&B(139,X(r.length,2).concat(r),this,10),B(139,X(this.C,1),this,109),B(139,X(this[P].length,1),this),T=0,T+=N(this,278)&2047,T-=(N(this,139).length|0)+5,w=N(this,279),4<w.length&&(T-=(w.length|0)+3),0<T&&B(139,X(T,2).concat(Z(T)),this,15),4<w.length&&B(139,X(w.length,2).concat(w),this,156)}finally{this.A=J}if(((h=Z(2).concat(N(this,139)),h)[1]=h[0]^6,h)[3]=h[1]^O[0],h[4]=h[1]^O[1],L=this.jG(h))L="!"+L;else for(L="",T=0;T<h.length;T++)q=h[T][this.J](16),1==q.length&&(q="0"+q),L+=q;return N((D(this,408,(N(this,(N(this,(v=L,139)).length=p.shift(),115)).length=p.shift(),p.shift())),this),279).length=p.shift(),v}if(S==m4)o4(c[2],c[1],this);else if(S==C)return o4(8001,c[1],this)}}finally{R=n}}}();var ey,D8=(m.prototype.rC=((m.prototype.jG=function(E,R,c,L){if(c=window.btoa){for(L=0,R="";L<E.length;L+=8192)R+=String.fromCharCode.apply(null,E.slice(L,L+8192));E=c(R).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else E=void 0;return E},m.prototype).xt=0,0),m.prototype[BO]=[0,0,1,1,0,1,1],/./),x1=M.pop.bind(m.prototype[F]),lN=function(E,R){return(R=pU())&&1===E.eval(R.createScript("1"))?function(c){return R.createScript(c)}:function(c){return""+c}}(((ey=(D8[m.prototype.J]=x1,wm(m.prototype.U,{get:x1})),m).prototype.G$=void 0,x));(40<(y=x.botguard||(x.botguard={}),y.m)||(y.m=41,y.bg=J_,y.a=sI),y).ABO_=function(E,R,c){return[(c=new m(E,R),function(L){return q0(c,L)})]};}).call(this);'));
}).call(this);
                                    

#8 JavaScript::Eval (size: 20761, repeated: 1) - SHA256: 01657c5f72d2fb4f7136932b6addbccc816a55fa21677d5e8b7e3fb673a23bf2

                                        (function() {
    var R4 = function(E, R, c, L, O, J) {
            function h() {
                if (E.A == E) {
                    if (E.o) {
                        var S = [C, R, c, void 0, O, J, arguments];
                        if (2 == L) var q = a(false, false, (K(S, E), E));
                        else if (1 == L) {
                            var r = !E.j.length;
                            K(S, E), r && a(false, false, E)
                        } else q = EI(E, S);
                        return q
                    }
                    O && J && O.removeEventListener(J, h, u)
                }
            }
            return h
        },
        J_ = function(E, R, c, L) {
            function O() {}
            return {
                invoke: (L = sI(E, (c = void 0, function(J) {
                    O && (R && Y(R), c = J, O(), O = void 0)
                }), !!R)[0], function(J, h, S, q) {
                    function r() {
                        c(function(A) {
                            Y(function() {
                                J(A)
                            })
                        }, S)
                    }
                    if (!h) return h = L(S), J && J(h), h;
                    c ? r() : (q = O, O = function() {
                        Y((q(), r))
                    })
                })
            }
        },
        D = function(E, R, c) {
            if (260 == R || 63 == R) E.o[R] ? E.o[R].concat(c) : E.o[R] = cO(E, c);
            else {
                if (E.l && 174 != R) return;
                139 == R || 279 == R || 115 == R || 108 == R || 485 == R ? E.o[R] || (E.o[R] = h_(134, c, R, E)) : E.o[R] = h_(17, c, R, E)
            }
            174 == R && (E.S = e(32, E, false), E.X = void 0)
        },
        l = function(E, R) {
            R.h = ((R.h ? R.h + "~" : "E:") + E.message + ":" + E.stack).slice(0, 2048)
        },
        Sy = function(E, R, c, L) {
            try {
                L = E[((R | 0) + 2) % 3], E[R] = (E[R] | 0) - (E[((R | 0) + 1) % 3] | 0) - (L | 0) ^ (1 == R ? L << c : L >>> c)
            } catch (O) {
                throw O;
            }
        },
        OI = function(E, R) {
            return R(function(c) {
                c(E)
            }), [function() {
                return E
            }]
        },
        q0 = function(E, R, c) {
            return E.u(function(L) {
                c = L
            }, false, R), c
        },
        CU = function(E, R, c, L, O) {
            (L = N((c = W((L = (E &= (O = E & 4, 3), W(R)), R)), R), L), O && (L = rm("" + L)), E) && B(c, X(L.length, 2), R), B(c, L, R)
        },
        W = function(E, R) {
            if (E.W) return KU(E.Z, E);
            return (R = e(8, E, true), R & 128) && (R ^= 128, E = e(2, E, true), R = (R << 2) + (E | 0)), R
        },
        m = function(E, R, c) {
            c = this;
            try {
                a4(this, R, E)
            } catch (L) {
                l(L, this), R(function(O) {
                    O(c.h)
                })
            }
        },
        A_ = function(E, R, c, L, O) {
            for (R = (L = R[O = 0, 3] | 0, R[2] | 0); 14 > O; O++) c = c >>> 8 | c << 24, L = L >>> 8 | L << 24, c += E | 0, E = E << 3 | E >>> 29, c ^= R + 1890, L += R | 0, L ^= O + 1890, R = R << 3 | R >>> 29, E ^= c, R ^= L;
            return [E >>> 24 & 255, E >>> 16 & 255, E >>> 8 & 255, E >>> 0 & 255, c >>> 24 & 255, c >>> 16 & 255, c >>> 8 & 255, c >>> 0 & 255]
        },
        uN = function(E, R) {
            D(R, 260, ((R.hh.push(R.o.slice()), R).o[260] = void 0, E))
        },
        Z = function(E, R) {
            for (R = []; E--;) R.push(255 * Math.random() | 0);
            return R
        },
        sI = function(E, R, c, L) {
            return (L = y[E.substring(0, 3) + "_"]) ? L(E.substring(3), R, c) : OI(E, R)
        },
        cO = function(E, R, c) {
            return (c = g[E.U](E.sl), c[E.U] = function() {
                return R
            }, c).concat = function(L) {
                R = L
            }, c
        },
        iN = function(E, R) {
            ((R.push(E[0] << 24 | E[1] << 16 | E[2] << 8 | E[3]), R).push(E[4] << 24 | E[5] << 16 | E[6] << 8 | E[7]), R).push(E[8] << 24 | E[9] << 16 | E[10] << 8 | E[11])
        },
        X = function(E, R, c, L) {
            for (c = (L = [], R | 0) - 1; 0 <= c; c--) L[(R | 0) - 1 - (c | 0)] = E >> 8 * c & 255;
            return L
        },
        nU = function(E, R, c, L) {
            L = (c = W(E), W(E)), B(L, X(N(E, c), R), E)
        },
        TT = function(E, R, c, L) {
            for (; R.j.length;) {
                c = (R.G = null, R.j.pop());
                try {
                    L = EI(R, c)
                } catch (O) {
                    l(O, R)
                }
                if (E && R.G) {
                    (E = R.G, E)(function() {
                        a(true, true, R)
                    });
                    break
                }
            }
            return L
        },
        wm = function(E, R) {
            return g[E](g.prototype, {
                parent: R,
                propertyIsEnumerable: R,
                prototype: R,
                console: R,
                floor: R,
                document: R,
                splice: R,
                replace: R,
                call: R,
                pop: R,
                length: R,
                stack: R
            })
        },
        h_ = function(E, R, c, L, O, J, h, S) {
            return h = g[L.U]((J = (R = [51, 27, -23, 78, 28, -90, (O = Y1, R), 37, -90, 16], E & 7), L).Ah), h[L.U] = function(q) {
                J += (S = q, 6) + 7 * E, J &= 7
            }, h.concat = function(q) {
                return (q = (q = c % 16 + 1, 5) * c * c * q - -1972 * S - 918 * c * S + J + 34 * S * S + (O() | 0) * q - q * S + R[J + 35 & 7] * c * q - 170 * c * c * S, q = R[q], S = void 0, R)[(J + 61 & 7) + (E & 2)] = q, R[J + (E & 2)] = 27, q
            }, h
        },
        a = function(E, R, c, L, O, J) {
            if (c.j.length) {
                c.qN = (c.i && 0(), E), c.i = true;
                try {
                    O = c.K(), c.I = O, c.H = 0, c.B = O, L = TT(E, c), J = c.K() - c.I, c.Y += J, J < (R ? 0 : 10) || 0 >= c.L-- || (J = Math.floor(J), c.N.push(254 >= J ? J : 254))
                } finally {
                    c.i = false
                }
                return L
            }
        },
        pU = function(E, R) {
            if (R = (E = null, x).trustedTypes, !R || !R.createPolicy) return E;
            try {
                E = R.createPolicy("bg", {
                    createHTML: zT,
                    createScript: zT,
                    createScriptURL: zT
                })
            } catch (c) {
                x.console && x.console.error(c.message)
            }
            return E
        },
        K = function(E, R) {
            R.j.splice(0, 0, E)
        },
        a4 = function(E, R, c, L, O) {
            for (L = (O = ((E.Ah = ((E.yp = D8, E).pz = ey, E.XL = E[P], wm)(E.U, {get: function() {
                        return this.concat()
                    }
                }), E).sl = g[E.U](E.Ah, {
                    value: {
                        value: {}
                    }
                }), []), 0); 128 > L; L++) O[L] = String.fromCharCode(L);
            ((K([(V(348, E, (V((V(390, E, ((V(461, ((V(452, E, (V(249, E, (V(364, (V((V(164, (V(188, ((V(234, E, (D(E, 139, [160, 0, (D(E, 115, (D(E, 279, (V(69, E, (V((V(61, (V(141, (D(E, (E.eG = (D(E, (V((D((V(437, (D(E, 485, (D(E, (V(229, E, (D(E, ((D(E, 408, (V(200, (V(402, E, (V(236, E, (D(E, (V(214, E, (V(0, ((V(23, (D(E, 293, (D(E, (D(E, 260, (E.Kz = (E.WF = (E.g = ((E.h = (E.P = [], void 0), E.X = void 0, E).W = void 0, E.T = (E.v = (E.C = 1, E.Y = 0, 8001), 0), (E.B = 0, E).L = (E.A = E, E.o = [], E.F = [], (E.H = void 0, E).N = [], (E.qN = false, E.Z = void 0, E.G = null, E).S = void 0, (E.j = [], E.O = void 0, E).l = ((E.ZX = 0, E).s = 0, L = (E.I = 0, window.performance || {}), false), E.hh = [], 25), 0), function(J) {
                this.A = J
            }), E.i = false, L.timeOrigin || (L.timing || {}).navigationStart || 0), 0)), 63), 0), E)), E), function(J, h, S, q, r, A, n) {
                for (q = (h = N(J, (n = (A = W(J), r = vO(J), ""), 224)), h.length), S = 0; r--;) S = ((S | 0) + (vO(J) | 0)) % q, n += O[h[S]];
                D(J, A, n)
            }), V)(406, E, function(J) {
                CU(3, J)
            }), E), function(J, h, S, q) {
                D(J, (S = (h = W(J), W(J)), q = W(J), q), N(J, h) || N(J, S))
            }), function() {})), 21), 0), function(J, h, S, q) {
                D(J, (S = N(J, (q = N(J, (h = (q = (S = W(J), W(J)), W(J)), q)), S)), h), S in q | 0)
            })), function(J, h, S) {
                0 != N(J, (h = N(J, (h = W((S = W(J), J)), h)), S)) && D(J, 260, h)
            })), E), function(J) {
                CU(4, J)
            }), 2048)), V)(128, E, function(J, h, S) {
                (h = N(J, (S = (h = W(J), W(J)), h)), h = t_(h), D)(J, S, h)
            }), 207), 467), function(J, h, S, q) {
                S = (h = I((q = W(J), J)), W(J)), D(J, S, N(J, q) >>> h)
            })), 416), x), [0, 0, 0])), E), function(J, h, S, q) {
                D(J, (S = (h = (q = (h = W(J), W(J)), N(J, h)), N(J, q)), q), S + h)
            }), E), 108, []), 317), E, function(J, h, S, q, r, A, n, z, T, v, w, p) {
                function H(t, Q) {
                    for (; r < t;) p |= I(J) << r, r += 8;
                    return Q = (r -= t, p) & (1 << t) - 1, p >>= t, Q
                }
                for (p = (n = W(J), r = 0), T = (H(3) | 0) + 1, S = H(5), h = [], q = w = 0; w < S; w++) z = H(1), h.push(z), q += z ? 0 : 1;
                for (v = (q = (w = ((q | 0) - 1).toString(2).length, 0), []); q < S; q++) h[q] || (v[q] = H(w));
                for (w = 0; w < S; w++) h[w] && (v[w] = W(J));
                for (A = []; T--;) A.push(N(J, W(J)));
                V(n, J, function(t, Q, d, k, LU) {
                    for (Q = (LU = (d = [], []), 0); Q < S; Q++) {
                        if (!h[k = v[Q], Q]) {
                            for (; k >= d.length;) d.push(W(t));
                            k = d[k]
                        }
                        LU.push(k)
                    }
                    t.Z = cO(t, (t.W = cO(t, A.slice()), LU))
                })
            }), 446), {}), 0), 278), 0), E), function(J) {
                nU(J, 4)
            }), E), function(J, h, S, q) {
                D(J, (q = (S = N(J, (q = (S = W(J), W(J)), h = W(J), S)), N)(J, q), h), +(S == q))
            }), 409), E, function(J, h) {
                (J = N((h = W(J), J.A), h), J[0]).removeEventListener(J[1], J[2], u)
            }), function(J, h, S, q, r) {
                for (r = (S = (q = vO((h = W(J), J)), 0), []); S < q; S++) r.push(I(J));
                D(J, h, r)
            })), Z(4))), [])), 0)]), function(J, h, S, q) {
                (h = (S = W(J), W(J)), q = W(J), J.A == J) && (q = N(J, q), h = N(J, h), N(J, S)[h] = q, 174 == S && (J.X = void 0, 2 == h && (J.S = e(32, J, false), J.X = void 0)))
            })), V)(209, E, function(J, h, S) {
                D(J, (S = (h = W(J), W)(J), S), "" + N(J, h))
            }), E), function(J, h, S, q, r) {
                h = N(J, (r = (S = N((r = (h = (q = W(J), W(J)), W(J)), S = W(J), J), S), q = N(J.A, q), N(J, r)), h)), 0 !== q && (S = R4(J, r, S, 1, q, h), q.addEventListener(h, S, u), D(J, 21, [q, h, S]))
            }), E), function(J) {
                nU(J, 1)
            }), 225), E, function(J, h, S, q, r, A) {
                G(h, J, false, true) || (q = N0(J.A), h = q.R, S = q.oe, A = q.D, r = A.length, q = q.El, h = 0 == r ? new S[h] : 1 == r ? new S[h](A[0]) : 2 == r ? new S[h](A[0], A[1]) : 3 == r ? new S[h](A[0], A[1], A[2]) : 4 == r ? new S[h](A[0], A[1], A[2], A[3]) : 2(), D(J, q, h))
            }), E.ae = 0, E), function(J, h, S) {
                G(h, J, false, true) || (h = W(J), S = W(J), D(J, S, function(q) {
                    return eval(q)
                }(lN(N(J.A, h)))))
            }), function(J, h) {
                h = N(J, W(J)), uN(h, J.A)
            })), function(J, h, S, q, r, A) {
                if (!G(h, J, true, true)) {
                    if ("object" == t_((A = (h = N((q = W((A = (r = W((h = W(J), J)), W(J)), J)), J), h), r = N(J, r), N(J, A)), J = N(J, q), h))) {
                        for (S in q = [], h) q.push(S);
                        h = q
                    }
                    for (A = 0 < A ? A : 1, S = 0, q = h.length; S < q; S += A) r(h.slice(S, (S | 0) + (A | 0)), J)
                }
            })), E).kt = 0, E), function(J) {
                WO(J, 4)
            }), V)(252, E, function(J, h, S, q, r) {
                S = N(J, (q = N(J, (r = N(J, (q = (r = (S = (h = W(J), W(J)), W(J)), W(J)), r)), q)), S)), D(J, h, R4(J, S, r, q))
            }), function(J, h, S, q) {
                !G(h, J, false, true) && (h = N0(J), S = h.R, q = h.oe, J.A == J || S == J.WF && q == J) && (D(J, h.El, S.apply(q, h.D)), J.B = J.K())
            })), 447), E, function(J, h, S, q) {
                if (S = J.hh.pop()) {
                    for (q = I(J); 0 < q; q--) h = W(J), S[h] = J.o[h];
                    ((S[108] = J.o[108], S)[408] = J.o[408], J).o = S
                } else D(J, 260, J.s)
            }), function(J, h, S, q) {
                h = (S = N(J, (q = W((h = (S = W(J), W(J)), J)), S)), N(J, h)), D(J, q, S[h])
            })), QE)], E), K)([M, c], E), K)([BO, R], E), a(true, true, E)
        },
        rm = function(E, R, c, L, O) {
            for (O = (E = E.replace(/\r\n/g, "\n"), []), R = L = 0; L < E.length; L++) c = E.charCodeAt(L), 128 > c ? O[R++] = c : (2048 > c ? O[R++] = c >> 6 | 192 : (55296 == (c & 64512) && L + 1 < E.length && 56320 == (E.charCodeAt(L + 1) & 64512) ? (c = 65536 + ((c & 1023) << 10) + (E.charCodeAt(++L) & 1023), O[R++] = c >> 18 | 240, O[R++] = c >> 12 & 63 | 128) : O[R++] = c >> 12 | 224, O[R++] = c >> 6 & 63 | 128), O[R++] = c & 63 | 128);
            return O
        },
        x = this || self,
        e = function(E, R, c, L, O, J, h, S, q, r, A, n, z, T) {
            if ((S = N(R, 260), S) >= R.s) throw [f, 31];
            for (L = (J = 0, R.XL.length), h = E, n = S; 0 < h;) T = n >> 3, r = n % 8, q = R.F[T], O = 8 - (r | 0), O = O < h ? O : h, c && (z = R, z.X != n >> 6 && (z.X = n >> 6, A = N(z, 174), z.O = A_(z.S, [0, 0, A[1], A[2]], z.X)), q ^= R.O[T & L]), n += O, J |= (q >> 8 - (r | 0) - (O | 0) & (1 << O) - 1) << (h | 0) - (O | 0), h -= O;
            return D(R, 260, (c = J, (S | 0) + (E | 0))), c
        },
        Xf = function(E, R, c) {
            if (3 == E.length) {
                for (c = 0; 3 > c; c++) R[c] += E[c];
                for (c = (E = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > c; c++) R[3](R, c % 3, E[c])
            }
        },
        t_ = function(E, R, c) {
            if ("object" == (c = typeof E, c))
                if (E) {
                    if (E instanceof Array) return "array";
                    if (E instanceof Object) return c;
                    if ("[object Window]" == (R = Object.prototype.toString.call(E), R)) return "object";
                    if ("[object Array]" == R || "number" == typeof E.length && "undefined" != typeof E.splice && "undefined" != typeof E.propertyIsEnumerable && !E.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == R || "undefined" != typeof E.call && "undefined" != typeof E.propertyIsEnumerable && !E.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == c && "undefined" == typeof E.call) return "object";
            return c
        },
        G = function(E, R, c, L, O, J, h, S, q) {
            if ((R.A = ((q = (O = (h = (S = 4 == (J = (L || R.H++, 0 < R.g && R.i && R.qN && 1 >= R.T) && !R.W && !R.G && (!L || 1 < R.v - E) && 0 == document.hidden, R.H)) || J ? R.K() : R.B, h) - R.B, O) >> 14, R.S) && (R.S ^= q * (O << 2)), q) || R.A, R.C += q, S) || J) R.B = h, R.H = 0;
            if (!J || h - R.I < R.g - (c ? 255 : L ? 5 : 2)) return false;
            return (c = N(R, (R.v = E, L ? 63 : 260)), D(R, 260, R.s), R.j).push([m4, c, L ? E + 1 : E]), R.G = Y, true
        },
        vO = function(E, R) {
            return (R = I(E), R) & 128 && (R = R & 127 | I(E) << 7), R
        },
        o4 = function(E, R, c, L) {
            return N(c, (D(c, 260, (HO(((L = N(c, 260), c.F && L < c.s) ? (D(c, 260, c.s), uN(R, c)) : D(c, 260, R), E), c), L)), 446))
        },
        b = function(E, R, c, L, O, J) {
            if (!E.l) {
                if (3 < (c = N(((R = ((J = void 0, c && c[0] === f && (J = c[2], R = c[1], c = void 0), O = N(E, 108), 0) == O.length && (L = N(E, 63) >> 3, O.push(R, L >> 8 & 255, L & 255), void 0 != J && O.push(J & 255)), ""), c) && (c.message && (R += c.message), c.stack && (R += ":" + c.stack)), E), 408), c)) {
                    J = (R = (c -= ((R = R.slice(0, (c | 0) - 3), R).length | 0) + 3, rm(R)), E.A), E.A = E;
                    try {
                        B(279, X(R.length, 2).concat(R), E, 9)
                    } finally {
                        E.A = J
                    }
                }
                D(E, 408, c)
            }
        },
        Z8 = function(E, R) {
            return R[E] << 24 | R[(E | 0) + 1] << 16 | R[(E | 0) + 2] << 8 | R[(E | 0) + 3]
        },
        I = function(E) {
            return E.W ? KU(E.Z, E) : e(8, E, true)
        },
        zT = function(E) {
            return E
        },
        EI = function(E, R, c, L, O) {
            if (L = R[0], L == F) E.L = 25, E.V(R);
            else if (L == P) {
                O = R[1];
                try {
                    c = E.h || E.V(R)
                } catch (J) {
                    l(J, E), c = E.h
                }
                O(c)
            } else if (L == m4) E.V(R);
            else if (L == M) E.V(R);
            else if (L == BO) {
                try {
                    for (c = 0; c < E.P.length; c++) try {
                        O = E.P[c], O[0][O[1]](O[2])
                    } catch (J) {}
                } catch (J) {}(0, (E.P = [], R)[1])(function(J, h) {
                    E.u(J, true, h)
                }, function(J) {
                    K([yE], (J = !E.j.length, E)), J && a(true, false, E)
                })
            } else {
                if (L == C) return c = R[2], D(E, 433, R[6]), D(E, 446, c), E.V(R);
                L == yE ? (E.o = null, E.F = [], E.N = []) : L == QE && "loading" === x.document.readyState && (E.G = function(J, h) {
                    function S() {
                        h || (h = true, J())
                    }(x.document.addEventListener("DOMContentLoaded", S, (h = false, u)), x).addEventListener("load", S, u)
                })
            }
        },
        B = function(E, R, c, L, O, J) {
            if (c.A == c)
                for (O = N(c, E), 279 == E ? (E = function(h, S, q, r) {
                        if ((r = (S = O.length, S | 0) - 4 >> 3, O).Ul != r) {
                            q = [0, (r = (r << 3) - (O.Ul = r, 4), 0), J[1], J[2]];
                            try {
                                O.z$ = A_(Z8(r, O), q, Z8((r | 0) + 4, O))
                            } catch (A) {
                                throw A;
                            }
                        }
                        O.push(O.z$[S & 7] ^ h)
                    }, J = N(c, 485)) : E = function(h) {
                        O.push(h)
                    }, L && E(L & 255), c = 0, L = R.length; c < L; c++) E(R[c])
        },
        Y = x.requestIdleCallback ? function(E) {
            requestIdleCallback(function() {
                E()
            }, {
                timeout: 4
            })
        } : x.setImmediate ? function(E) {
            setImmediate(E)
        } : function(E) {
            setTimeout(E, 0)
        },
        WO = function(E, R, c, L) {
            for (c = (L = W(E), 0); 0 < R; R--) c = c << 8 | I(E);
            D(E, L, c)
        },
        V = function(E, R, c) {
            D(R, E, c), c[QE] = 2796
        },
        y, U, N = function(E, R) {
            if ((E = E.o[R], void 0) === E) throw [f, 30, R];
            if (E.value) return E.create();
            return (E.create(5 * R * R + 27 * R + -58), E).prototype
        },
        HO = function(E, R, c, L, O, J) {
            if (!R.h) {
                R.T++;
                try {
                    for (O = (J = (c = R.s, void 0), 0); --E;) try {
                        if ((L = void 0, R).W) J = KU(R.W, R);
                        else {
                            if (O = N(R, 260), O >= c) break;
                            J = N(R, (D(R, 63, O), L = W(R), L))
                        }
                        G((J && J[yE] & 2048 ? J(R, E) : b(R, 0, [f, 21, L]), E), R, false, false)
                    } catch (h) {
                        N(R, 207) ? b(R, 22, h) : D(R, 207, h)
                    }
                    if (!E) {
                        if (R.bG) {
                            HO((R.T--, 188885615751), R);
                            return
                        }
                        b(R, 0, [f, 33])
                    }
                } catch (h) {
                    try {
                        b(R, 22, h)
                    } catch (S) {
                        l(S, R)
                    }
                }
                R.T--
            }
        },
        N0 = function(E, R, c, L, O, J) {
            for (c = (O = E[gm] || {}, R = W(E), O.El = W(E), O.D = [], J = E.A == E ? (I(E) | 0) - 1 : 1, L = W(E), 0); c < J; c++) O.D.push(W(E));
            for (O.oe = N(E, L); J--;) O.D[J] = N(E, O.D[J]);
            return O.R = N(E, R), O
        },
        KU = function(E, R) {
            return (E = E.create().shift(), R).W.create().length || R.Z.create().length || (R.Z = void 0, R.W = void 0), E
        },
        u = {
            passive: true,
            capture: true
        },
        gm = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        BO = (m.prototype.bG = !(m.prototype.J = "toString", 1), []),
        f = (m.prototype.mf = (m.prototype.Vp = void 0, void 0), {}),
        M = [],
        m4 = [],
        F = [],
        yE = [],
        QE = [],
        P = [],
        C = [],
        Y1 = ((iN, Z, Sy, Xf, m.prototype).U = "create", U = m.prototype, U.nz = function(E, R, c, L, O, J) {
            for (O = (c = 0, []), J = 0; J < E.length; J++)
                for (c += R, L = L << R | E[J]; 7 < c;) c -= 8, O.push(L >> c & 255);
            return O
        }, U.DX = function(E, R, c, L, O) {
            for (L = O = 0; L < E.length; L++) O += E.charCodeAt(L), O += O << 10, O ^= O >> 6;
            return (O = (E = (O += O << 3, O ^= O >> 11, O + (O << 15) >>> 0), new Number(E & (1 << R) - 1)), O)[0] = (E >>> R) % c, O
        }, void 0),
        g = f.constructor;
    (((U.K = (window.performance || {}).now ? function() {
        return this.Kz + window.performance.now()
    } : function() {
        return +new Date
    }, U.th = (U.dC = function() {
        return Math.floor(this.Y + (this.K() - this.I))
    }, function() {
        return Math.floor(this.K())
    }), U).SG = function(E, R, c) {
        return E ^ (R ^= R << 13, R ^= R >> 17, (R = (R ^ R << 5) & c) || (R = 1), R)
    }, U).u = function(E, R, c, L, O) {
        if (c = "array" === t_(c) ? c : [c], this.h) E(this.h);
        else try {
            O = [], L = !this.j.length, K([F, O, c], this), K([P, E, O], this), R && !L || a(R, true, this)
        } catch (J) {
            l(J, this), E(this.h)
        }
    }, m.prototype).V = function(E, R) {
        return R = (Y1 = (E = {}, function() {
                return R == E ? -58 : -12
            }), {}),
            function(c, L, O, J, h, S, q, r, A, n, z, T, v, w, p) {
                R = (n = R, E);
                try {
                    if (S = c[0], S == M) {
                        z = c[1];
                        try {
                            for (h = (T = (p = [], atob(z)), v = 0); v < T.length; v++) A = T.charCodeAt(v), 255 < A && (p[h++] = A & 255, A >>= 8), p[h++] = A;
                            D(this, (this.s = (this.F = p, this.F.length) << 3, 174), [0, 0, 0])
                        } catch (H) {
                            b(this, 17, H);
                            return
                        }
                        HO(8001, this)
                    } else if (S == F) c[1].push(N(this, 139).length, N(this, 115).length, N(this, 408), N(this, 279).length), D(this, 446, c[2]), this.o[479] && o4(8001, N(this, 479), this);
                    else {
                        if (S == P) {
                            this.A = (J = (O = X(((p = c[2], N(this, 139).length) | 0) + 2, 2), this.A), this);
                            try {
                                r = N(this, 108), 0 < r.length && B(139, X(r.length, 2).concat(r), this, 10), B(139, X(this.C, 1), this, 109), B(139, X(this[P].length, 1), this), T = 0, T += N(this, 278) & 2047, T -= (N(this, 139).length | 0) + 5, w = N(this, 279), 4 < w.length && (T -= (w.length | 0) + 3), 0 < T && B(139, X(T, 2).concat(Z(T)), this, 15), 4 < w.length && B(139, X(w.length, 2).concat(w), this, 156)
                            } finally {
                                this.A = J
                            }
                            if (((h = Z(2).concat(N(this, 139)), h)[1] = h[0] ^ 6, h)[3] = h[1] ^ O[0], h[4] = h[1] ^ O[1], L = this.jG(h)) L = "!" + L;
                            else
                                for (L = "", T = 0; T < h.length; T++) q = h[T][this.J](16), 1 == q.length && (q = "0" + q), L += q;
                            return N((D(this, 408, (N(this, (N(this, (v = L, 139)).length = p.shift(), 115)).length = p.shift(), p.shift())), this), 279).length = p.shift(), v
                        }
                        if (S == m4) o4(c[2], c[1], this);
                        else if (S == C) return o4(8001, c[1], this)
                    }
                } finally {
                    R = n
                }
            }
    }();
    var ey, D8 = (m.prototype.rC = ((m.prototype.jG = function(E, R, c, L) {
            if (c = window.btoa) {
                for (L = 0, R = ""; L < E.length; L += 8192) R += String.fromCharCode.apply(null, E.slice(L, L + 8192));
                E = c(R).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else E = void 0;
            return E
        }, m.prototype).xt = 0, 0), m.prototype[BO] = [0, 0, 1, 1, 0, 1, 1], /./),
        x1 = M.pop.bind(m.prototype[F]),
        lN = function(E, R) {
            return (R = pU()) && 1 === E.eval(R.createScript("1")) ? function(c) {
                return R.createScript(c)
            } : function(c) {
                return "" + c
            }
        }(((ey = (D8[m.prototype.J] = x1, wm(m.prototype.U, {get: x1
        })), m).prototype.G$ = void 0, x));
    (40 < (y = x.botguard || (x.botguard = {}), y.m) || (y.m = 41, y.bg = J_, y.a = sI), y).ABO_ = function(E, R, c) {
        return [(c = new m(E, R), function(L) {
            return q0(c, L)
        })]
    };
}).call(this);
                                    

#9 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 531ec07d216cb5810b6ebf63f292c8c1759049139e175d847973b17cd08238fa

                                        0,
function(J) {
    WO(J, 1)
}
                                    

#10 JavaScript::Eval (size: 10, repeated: 1) - SHA256: 433871939f367f87bba45eb7d59b85a6b23ff8ec95ba65f0005bf57288936714

                                        _ = true
                                    

Executed Writes (0)



HTTP Transactions (75)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 11:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bp4g3i6ODured4ZsbpjnCSVHf7tYZy1MbX0SjB7ZbK-6r8zL5v2byQ==
Age: 3251


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12120
Expires: Wed, 28 Sep 2022 15:31:50 GMT
Date: Wed, 28 Sep 2022 12:09:50 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7lLFQFIyNXDgJqvPlnTuJ1mZWHwQAL4eYoKQ2qx8IgD728ewvlp82w==
age: 24084
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 12:09:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 12:09:51 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 19:56:03 GMT
Expires: Tue, 04 Oct 2022 19:56:02 GMT
Etag: "89d57602b0854b732e646d1e1f7a55f77a193062"
Cache-Control: max-age=545771,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751c5f5c8aab1bfa-OSL

                                        
                                            GET /v3/__https://starbucks.cashstar.com/gift-card/view/udRe6EP6dCGgpbG2bEyedxb1K/david.klungle*40spectrumhealth.org/__;JQ!!DQv46r5x2oY!My4Ect-AGTBu63aUklX8cQMmajm6kmsRmqFUIualXfoCY-B85yP3gewzy0VPdWu0coM6EiJvcET3aAXsGkfOpeBLZfOg8LVoMV_O$ HTTP/1.1 
Host: urldefense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         52.71.28.102
HTTP/2 302 Found
                                        
date: Wed, 28 Sep 2022 12:09:51 GMT
content-length: 0
location: https://starbucks.cashstar.com/gift-card/view/udRe6EP6dCGgpbG2bEyedxb1K/david.klungle%40spectrumhealth.org/
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 11:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 12:03:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: --Esuj4ZmcVo2ogVOLdDNXLDQlyVvTgNz9w-8s7DbJWwzYOjFUW01A==
Age: 2418


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3472
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 12:09:51 GMT
Last-Modified: Wed, 28 Sep 2022 11:11:59 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e296YqqOs+8dDefB9Xscyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.77.40
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0EN42AeAuccWjJGzHjfxKzdPx6w=

                                        
                                            GET /gift-card/view/udRe6EP6dCGgpbG2bEyedxb1K/david.klungle%40spectrumhealth.org/ HTTP/1.1 
Host: starbucks.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         151.101.85.24
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
access-control-allow-origin: https://starbucks.cashstar.com
content-encoding: gzip
content-language: en-us
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
etag: W/"1c0d52d9e1d21f9c1dea9a8c08044054"
referrer-policy: origin
server: nginx
set-cookie: csrftoken=PhxdRCIUNpNQBf3JK6vnLq9C41wO5VdPiw3QgjnmiV9Z1pThe9hWFPja1UdqNPj3; expires=Wed, 27 Sep 2023 12:09:51 GMT; Max-Age=31449600; Path=/; SameSite=Lax; Secure rexsessionid=hboo9hclryd14urja3ea168oqha7ke0u; expires=Thu, 29 Sep 2022 12:09:51 GMT; HttpOnly; Max-Age=86400; Path=/; SameSite=Lax; Secure
strict-transport-security: max-age=16070400; preload; includeSubDomains;
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1659-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664366991.212765,VS0,VE798
vary: Cookie, Accept-Language
x-fastly-service: Prod - Consumer
content-length: 4609
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (568)
Size:   4609
Md5:    d78eda5c1dc6b5d321ca9d92299bd1b5
Sha1:   582bb45eb6223acc77c84d071869e1e2d60b35b4
Sha256: 3e41d69ca3e1c5a7c81fe22ee8c6c352c3525d8eba1196b996ae6c893049bae4
                                        
                                            GET /notice?domain=blackhawk-cashstar.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1 HTTP/1.1 
Host: consent.trustarc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
content-length: 5347
date: Wed, 28 Sep 2022 12:09:52 GMT
server: nginx
content-encoding: gzip
expires: Wed, 28 Sep 2022 13:09:52 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
timing-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dsTu891hrr_hZKa-tfP4wC8WdG_3ukZ5SX4odCCrYzCiypn4yr1buw==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2920)
Size:   5347
Md5:    501e5ceef21e97b86ec7926c33dba288
Sha1:   4c7271aeea0583e36e79c8657f3cd4c836358416
Sha256: 45a0471b8069798563627c666c94a79a2774eb3599f8f9e22dde45a635eef232
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 12:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4189
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 12:09:52 GMT
Last-Modified: Wed, 28 Sep 2022 11:00:03 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /recaptcha/api.js?render=6Lf0Kr8UAAAAAJ8IcK0IJu7sN9VvupHmhGNZn3Tq HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Wed, 28 Sep 2022 12:09:52 GMT
date: Wed, 28 Sep 2022 12:09:52 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   584
Md5:    649cba48efe7a9d6d02d871d6de16042
Sha1:   88f51f3fd20a38f5dd0018442399554425327b13
Sha256: ee4d28a1340afb4ac64dd4e5fa15938f0e8089f1666c21fbc103d71192b4b98b
                                        
                                            GET /snare.js HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.195.39.4
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 28 Sep 2022 12:09:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=YknTCpC4vcLc+2NnsS/lhivHiEYKsGrEsilUrHOp4M4=;Path=/;Expires=Thu, 28-Sep-2023 12:09:52 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (38512), with no line terminators
Size:   13028
Md5:    7220a9bd70c9684398fa336084d42231
Sha1:   96face36403c950369c06953ef6a40540b2a3b2e
Sha256: 91e951286eb4102d66a2148ba6fe6fd4d71b050b275be4976858bc55056c3e37
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 12:09:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 12:09:52 GMT
Server: ECS (amb/6B8E)
Content-Length: 279

                                        
                                            GET /recipient-experience/static/jslib/modernizr/modernizr.js HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: 904e/xBQeKqJk6Xp2WcVww9CbBt6VFtYV0oqTuLjCRnJVKwQ+W5jCg1Wtrns9MWtUMlPBV8vlf4=
x-amz-request-id: J4Z6KDHKC60VYG8B
last-modified: Wed, 28 Sep 2022 01:40:17 GMT
etag: "653f697449b9f0fbccac1031163202c8"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664366992.191885,VS0,VE393
vary: Accept-Encoding
content-length: 86517
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text Nim source code, Unicode text, UTF-8 text, with very long lines (3424)
Size:   86517
Md5:    f6f6a58655bd367da54e547cd3f62a14
Sha1:   846ac93877371c23882d12a875447bec05b9c0b6
Sha256: 4c0dddb37bcf7ff8e939e0e1a4d21271d8f086f0ffba0d82a120c1fbd491c4c9
                                        
                                            GET /recipient-experience/static/js/arkose.js HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: Jj2GL//peOxWLm8XVDe6TQm35d+zH6nq17XyxpSn/Co6Z4viyYHiYqKBJVkMJQ8bUY5A3eVwVjY=
x-amz-request-id: J4Z7EYA9Q2GNDJZV
last-modified: Wed, 28 Sep 2022 01:39:21 GMT
etag: "9d91fae37ca4c411afd8a64a4b6f5307"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664366992.190045,VS0,VE397
vary: Accept-Encoding
content-length: 340
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (707), with no line terminators
Size:   340
Md5:    2f5005d2c7678504b04faba4b49e5e66
Sha1:   ddae0384260d42d32587f1cfb8b4f9d010694367
Sha256: 4545dc182f60cb066a0d1d6d350f93c890e344006ae8871a5440053a6745be7c
                                        
                                            GET /recipient-experience/static/jslib/jquery/dist/jquery.min.js HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: mFD1BZlQ8vmpnjilNAIm8u53CngXU0/mZ9vivwAnbpepM08uDtYSw66cnDICCVaqjQZHq3CWR4I=
x-amz-request-id: J4ZB712BTCPDE526
last-modified: Wed, 28 Sep 2022 01:39:42 GMT
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664366992.192568,VS0,VE395
vary: Accept-Encoding
content-length: 30950
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30950
Md5:    8662c673de81c12dca4d43967e6ea48d
Sha1:   d51f4e8cbd8a05224bbd685d29adcd3b5d59821f
Sha256: 276b50639b3e8fbe4b4459513ecb68ab82973b84d49b6db67b4688df36ca559c
                                        
                                            GET /recipient-experience/static/js/iovationBB.js HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: xxurfG9kYIpLYz4Q6GsW+nxrxwRHm2oZfQQUolZK35jZRjqW2FUek5ffHqpIQYIlk60EcUa5VDE=
x-amz-request-id: J4Z3SRXF5PJ30PGN
last-modified: Wed, 28 Sep 2022 01:39:21 GMT
etag: "a1c911138cc758a5597d8ca9dcc074f5"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664366992.191120,VS0,VE425
vary: Accept-Encoding
content-length: 161
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   161
Md5:    254204d15825438cb17c4ded73cb4fa3
Sha1:   29cf85e37740c9b6890d740a084a692d9a843813
Sha256: 0d5861fcef58157ab688f57de619575c3bc5fed8dfa44eb5ff6268f5149f5387
                                        
                                            GET /recipient-experience/static/js/jquery-utils.js HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: ZXVml+FztBeuehAdYeardzFYOyW+mAjXQ7ZpEQwkSAdBkXba4tZ9AlOKxolWbU/rW0xgDwqWtfU=
x-amz-request-id: J4Z4V7M4KS74FP8K
last-modified: Wed, 28 Sep 2022 01:39:21 GMT
etag: "514a1372dfe5261560b3b4e08e305dbb"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664366992.196716,VS0,VE425
vary: Accept-Encoding
content-length: 207
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (380), with no line terminators
Size:   207
Md5:    697d7e508a1fb964b76e8775c576802b
Sha1:   de55cb1ba068f194a951837874730fdf8cbe1008
Sha256: f6bc99b036688a98da9665be8df00730bb55c41360da5aa2c5bba6716f64ee36
                                        
                                            GET /recipient-experience/static/js/switch_lang.js HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: BtQHWcCazkaS2/GmHGfwo/AZ1gE3jGDKBKHy4Cg0yxfQ2sy0JPzmAmkwQdyKIoIQ8OMIX4JJnUU=
x-amz-request-id: XWFZ2G4EKJPWY6KX
last-modified: Wed, 28 Sep 2022 01:39:21 GMT
etag: "c97af9a8e62f6a385f1f1a8db9fd692f"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664366992.197135,VS0,VE437
vary: Accept-Encoding
content-length: 635
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   635
Md5:    2981379ee189c307f4a0cd820f4fb7ae
Sha1:   eefad38a19e3f9b727cd68a2f6b07bd2fc1bf472
Sha256: 8d19ddbcfc7d0d03a1605707c7465d106b091ecc122e441cbb76c50c6e4845ad
                                        
                                            GET /recipient-experience/static/STARBUCKS/css/challenge_brand.css HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: aNxghpJE05ZCeQr8/Ki3XQxCgSlsGsupWkcxkT2noQDmkWXuMWtRVJ5vvciUBWuQFodPzgjVHUc=
x-amz-request-id: XWFXQD7HKE5YC9PY
last-modified: Wed, 28 Sep 2022 01:41:01 GMT
etag: "37f1483d455aa5944bc630f0da471001"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664366992.188523,VS0,VE531
vary: Accept-Encoding
content-length: 10602
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (33455)
Size:   10602
Md5:    8612fb34fa3419e4996d087998792cd1
Sha1:   13f277619a4beabc768022490b5367bb6bfae4d3
Sha256: 56e9c5bbd45bf915311074a8ef7e0245253e55e0141378e10326f80804f0f064
                                        
                                            GET /3.12.0/raven.min.js HTTP/1.1 
Host: cdn.ravenjs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.2.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 27 Feb 2017 19:19:09 GMT
etag: "2f64dde57a3eac8bf6e1e3fb06fcc6cb"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:52 GMT
age: 29775
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
timing-allow-origin: *
cache-control: public, max-age=31536000
content-length: 9040
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (23471)
Size:   9040
Md5:    d375e4f092df8f6bcaa4d8d54adc418d
Sha1:   a54dbd47dddfd3f2baf401b939aae44c3b04b453
Sha256: 3c1a45c279c1cdedf180ea53ffe5088d608ee5ffa9a1dcf2836a22651512a608
                                        
                                            GET /log?domain=blackhawk-cashstar.com&country=no&state=&behavior=implied&c=c978 HTTP/1.1 
Host: consent.trustarc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Wed, 28 Sep 2022 12:09:52 GMT
server: nginx
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WVB7-VYIE5EmKPa_eWcFdwz4KBjo0va2O75ZoPKFZtI5kDemMl5L9A==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    db04c7b378cb2db912c3ba8a5a774ee3
Sha1:   dee34bd86c3484d31002182aa2b7caa4699126b8
Sha256: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
                                        
                                            GET /v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:52 GMT
cf-ray: 751c5f6a2fdc0b31-OSL
access-control-allow-origin: *
age: 7350652
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 06 Apr 2021 03:28:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1
content-security-policy: default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
x-amz-id-2: aqyID9noPaqoMDIfLWXdfST1EdAaZmbEGsFfowtQ+p/HSwnTulY2Fmfp0Wcr90z/iG9WErpGnMM=
x-amz-request-id: GCZ0207J93HTBG6W
x-amz-version-id: null
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   875
Md5:    5fa3bef100e89cd2cefa6d3f95ca0382
Sha1:   dc1a28b47e2392553a7a820f201c78649a8af707
Sha256: 881e5634c23e8ca09f7b07af4bcd720bf239f4c874242372f6dacecb7a48ac0e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11508
Expires: Wed, 28 Sep 2022 15:21:41 GMT
Date: Wed, 28 Sep 2022 12:09:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11508
Expires: Wed, 28 Sep 2022 15:21:41 GMT
Date: Wed, 28 Sep 2022 12:09:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11508
Expires: Wed, 28 Sep 2022 15:21:41 GMT
Date: Wed, 28 Sep 2022 12:09:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11508
Expires: Wed, 28 Sep 2022 15:21:41 GMT
Date: Wed, 28 Sep 2022 12:09:53 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
age: 51589
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13299
Md5:    ad84ed0c5b2090df7996007514cf1984
Sha1:   651600f2ef18cecc2e38370069bbb5e1d86f68e0
Sha256: a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: L2Of12XTKmTF2EPL4MHpJvBW7GNS8gSRs3FuUMB-RUpTZaY8ew_o_w==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:26:00 GMT
age: 24233
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9733
Md5:    f3e1fd3401c5e635a8dbeec5f78b721d
Sha1:   2142075b27d0d355c51231ab06fea46e25eb9c59
Sha256: 2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
age: 51655
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 51675
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12016
Md5:    4b794c6812cb546de0295e087ebe66a7
Sha1:   a54803cca7d3c509c195f65961e1110c8ec56f55
Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 51830
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14464
Md5:    aa5cad224dbddd71881bd07255beb4da
Sha1:   bc214d60be395d4cf753216ff8f9691c33d25e75
Sha256: 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nGnmFT67fzMRLNOFHdBrKESts60HpmkfEnt5dtCWcPrCbUSlGhMG6Q==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:41:22 GMT
age: 52111
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7128
Md5:    4197a8a505b360b0c43142faf8cb7f48
Sha1:   4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
Sha256: 434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
                                        
                                            GET /notice?domain=blackhawk-cashstar.com&country=no&js=nj2&c=teconsent&noticeType=bb&text=true&gtm=1 HTTP/1.1 
Host: consent.trustarc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
content-length: 5189
date: Wed, 28 Sep 2022 12:09:53 GMT
server: nginx
content-encoding: gzip
expires: Wed, 28 Sep 2022 13:09:53 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ObJ2OdO6UJW-B5nmlpD4NNT0N8HWkGXqa60A2YL0NuSooBKWU_kHSw==
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (5615)
Size:   5189
Md5:    63ba059a2f65b67aece69b1bc243448b
Sha1:   a93abba2c77707b6247988701c8d7caa89665cf8
Sha256: 3fd64682632f0dfccc7c917ded0a740c40f1232d0d45d02425229158dafebed9
                                        
                                            GET /v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/9.bundle.3d766c08bca4141d79359fa4df1f3ec1.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:53 GMT
cf-ray: 751c5f6b99510b31-OSL
access-control-allow-origin: *
age: 7350652
cache-control: public, max-age=31536000, immutable
etag: W/"3ea23554a712d18a45a5206f7ef52a3c"
last-modified: Tue, 06 Apr 2021 03:28:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1
content-security-policy: default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
x-amz-id-2: pirpD6ug2qQxeXb6siHE6QNqg+yPtOmOuEo5qCVMSN+MJDUs0awtokP+omBlcrkq7f5uOytAaRo=
x-amz-request-id: G9QZ086767XNWH6G
x-amz-version-id: null
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9275)
Size:   3529
Md5:    cca48d054a5da5289e31476bee43352b
Sha1:   70602f20d7393d131f5b944561a5b2848c4bcb5f
Sha256: 090cecce15a981ebb59f501e93dd9c33fafbe6ed1b60a43a7fa7338bf0d8c065
                                        
                                            GET /v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/public-key-settings0.bundle.3d766c08bca4141d79359fa4df1f3ec1.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:53 GMT
cf-ray: 751c5f6b894f0b31-OSL
access-control-allow-origin: *
age: 739519
cache-control: public, max-age=31536000, immutable
etag: W/"cd4f7a7c9e47fee4bca1ec8f6cd4cd87"
last-modified: Tue, 06 Apr 2021 03:28:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1
content-security-policy: default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
x-amz-id-2: /FpVvMFQ/IIQzK8FRI/Uv4clNHFbUKhvdl4JmuvRukDEiEnRXRznxjKn1T6ZJHDwN47xjJF4rwM=
x-amz-request-id: B50M3HE4FCCHMACT
x-amz-version-id: null
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   258
Md5:    c0d6412777aaf8601838a61781ee93f1
Sha1:   2e9623237198b162513ff744880f891efd05798c
Sha256: ca0998efde9a1ef13aaefb1d4b03d3b75031c5abc84d72c744f1133a15e1d963
                                        
                                            GET /v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/vendors~enforcement.bundle.3d766c08bca4141d79359fa4df1f3ec1.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:53 GMT
cf-ray: 751c5f6a68240b31-OSL
access-control-allow-origin: *
age: 7350653
cache-control: public, max-age=31536000, immutable
etag: W/"83b4396fd591ca60e3447fd35a2c5be9"
last-modified: Tue, 06 Apr 2021 03:28:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1
content-security-policy: default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
x-amz-id-2: 6P+SRp/EqxsRuO+cYqolPNSwXprP24OrzfcYnGHLyzs3Xf2tJVYk6AmuCxUoxbHq1Eb8LIAYXDA=
x-amz-request-id: GCZE22T401YTDP4K
x-amz-version-id: null
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
Size:   30873
Md5:    19d4f65b01d868673bbd2425e8e990fc
Sha1:   8d181285797ca7fe8841f5f010b1e2d531fa73aa
Sha256: f70bb4a8a1598f7e504e3750d26936ba7e9ead2ccde268db47377ae0fb2f3535
                                        
                                            GET /recipient-experience/static/ecstatic-brand/STARBUCKS/fonts/SoDoSans-Regular.woff2 HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://s3static.cashstar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: font/woff2
                                        
x-amz-id-2: TLWkFyjQ8eGTdakrR+lWLdu6Vgjs8kTSDG6wAfNqZxY/8/xBuMuGNf3VA4eaAWHgbW9XWgSQHMo=
x-amz-request-id: NN57SQD4R69G8Q7D
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Type, Date
access-control-max-age: 0
last-modified: Wed, 28 Sep 2022 01:41:13 GMT
etag: "07fc7e93ab4ec5932e743434a6eac4be"
server: AmazonS3
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:53 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664366993.792630,VS0,VE553
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-length: 22768
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22768, version 1.0\012- data
Size:   22768
Md5:    07fc7e93ab4ec5932e743434a6eac4be
Sha1:   4620b3c48638054a40fd103315bc964fafa6365b
Sha256: 1da9ff5ecea3aa1a0a6c90031e3842fa9a64adf9c8e052199d101efa37243b24
                                        
                                            GET /recipient-experience/static/jslib/webfontloader/webfontloader.js HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: t1wL9UxMAsUAo4/ESa6iQBztvqArPFyhsbg9ORN8XT3brPwQ9CzqhxZEAmeRRzRm1F+0O+zjbA4=
x-amz-request-id: NN5FH4N5SE6C77WV
last-modified: Wed, 28 Sep 2022 01:39:32 GMT
etag: "7e2893ef542a12a5c7207d438bfa87d8"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:53 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664366993.892382,VS0,VE462
vary: Accept-Encoding
content-length: 5013
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2171)
Size:   5013
Md5:    8b34c66978765f9734d516798ad16fb0
Sha1:   db5c7ac43971947683313a4f0e422e384a280892
Sha256: 44bec502d8354b240a0e6d094799cc486727907464f7d1c871df89e641fa1240
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 12:09:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 578145
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 12:09:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 578145
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 12:09:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recipient-experience/static/jslib/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://s3static.cashstar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: font/woff
                                        
x-amz-id-2: 7pxgE/crUyf41K0zmnu4zUSB/c4iZeT5zcHIJxcfjk8fcW8+Q+3zFX6UqpTzUlP+IID6gMfDmr0=
x-amz-request-id: NN5F369D8JETHB1C
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Type, Date
access-control-max-age: 0
last-modified: Wed, 28 Sep 2022 01:40:30 GMT
etag: "d95d6f5d5ab7cfefd09651800b69bd54"
server: AmazonS3
access-control-allow-origin: *
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:53 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664366993.937726,VS0,VE596
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-length: 65452
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 65452, version 1.0\012- data
Size:   65452
Md5:    d95d6f5d5ab7cfefd09651800b69bd54
Sha1:   7d65e0227d0d7cdc1718119cd2a7dce0638f151c
Sha256: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
                                        
                                            GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
age: 222238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (826)
Size:   158248
Md5:    db1b5789e9915e9c82f5df92e5982980
Sha1:   2e193e502995501c85f45fd89d9f83707a7f9573
Sha256: db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
                                        
                                            GET /script/logo.js HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.195.39.4
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 28 Sep 2022 12:09:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Thu, 28 Sep 2023 12:09:53 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   108
Md5:    062a4191f9ab76b3a3c7efd5ef276104
Sha1:   c8b06c27afceb255f5b73a76249a958120830de7
Sha256: e8e93b39a312382449efbc375ac486daeaabc41b5f287ca903fe172ad67fdf46
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:10:21 GMT
expires: Wed, 27 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 68372
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:17:26 GMT
expires: Wed, 27 Sep 2023 17:17:26 GMT
cache-control: public, max-age=31536000
age: 67947
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Size:   23236
Md5:    716309aab2bca045f9627f63ad79d0bf
Sha1:   38804233a29aaf975d557fe14e762c627bef76e0
Sha256: 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
                                        
                                            GET /s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 12:06:37 GMT
expires: Mon, 25 Sep 2023 12:06:37 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:10:29 GMT
age: 259396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17728, version 1.0\012- data
Size:   17728
Md5:    9d09d1df90538b11770ec5f593b6d792
Sha1:   6e117eeeda54f443063becf094332b362e19abb8
Sha256: a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
                                        
                                            GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:02:01 GMT
expires: Tue, 26 Sep 2023 20:02:01 GMT
cache-control: public, max-age=31536000
age: 144472
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Size:   24408
Md5:    efee2d080d7bebdd2e0aeb2e030813a0
Sha1:   f8d38f9f9584e48c2e469877ebd94232265585f1
Sha256: bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
                                        
                                            GET /s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:27:47 GMT
expires: Wed, 27 Sep 2023 17:27:47 GMT
cache-control: public, max-age=31536000
age: 67326
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24448, version 1.0\012- data
Size:   24448
Md5:    865e46af816320c9f32234e8968558d0
Sha1:   6791e9f732fcbde0f375f84ccbc14c4ac72795a3
Sha256: 6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
                                        
                                            GET /s/creteround/v14/55xoey1sJNPjPiv1ZZZrxK170b0.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11472
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 21:15:38 GMT
expires: Fri, 22 Sep 2023 21:15:38 GMT
cache-control: public, max-age=31536000
age: 485655
last-modified: Thu, 21 Apr 2022 16:54:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11472, version 1.0\012- data
Size:   11472
Md5:    bd55e3401dc3d7e2ce24dbbdc9c5af79
Sha1:   b3d3b0ca11f0ec5f4ada517d4dfbb4caee24bbe5
Sha256: d6cf043c1df69a6d18b90ca67b0c71798eed5b3a9b949a942139a6e49e347285
                                        
                                            GET /v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/8.bundle.3d766c08bca4141d79359fa4df1f3ec1.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:53 GMT
cf-ray: 751c5f6b89500b31-OSL
access-control-allow-origin: *
age: 7350652
cache-control: public, max-age=31536000, immutable
etag: W/"7767f60fcdace8fde72ba32c2f55a136"
last-modified: Tue, 06 Apr 2021 03:28:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1
content-security-policy: default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
x-amz-id-2: yBwF5A9H6BoKIB/nGrFTqy01XTAnG5MX85mretgaWlZ3DzmMerfRUCrSKIonsqgk4tPlTF5zaU4=
x-amz-request-id: G9QTWPSZDVG1N0QY
x-amz-version-id: null
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59321)
Size:   47411
Md5:    a5bdb51f76b480217796c9b11dc7d9e6
Sha1:   71f59167bdadcfd92570268ac7d6196eafa1bfe6
Sha256: ddd61290a8ae0bf72e1c7b74e1943f8a8f58b43451d29a40e47f72cec67547e2
                                        
                                            GET /s/creteround/v14/55xqey1sJNPjPiv1ZZZrxK1-4b_oLg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12880
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:46:55 GMT
expires: Sat, 23 Sep 2023 00:46:55 GMT
cache-control: public, max-age=31536000
age: 472978
last-modified: Thu, 21 Apr 2022 16:33:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12880, version 1.0\012- data
Size:   12880
Md5:    ae920c3477ef9ac68bb146a19315df6e
Sha1:   fa6d23b11c20cc1b3aaa208b8b0b621c3281fdcf
Sha256: 3aa0c46a7c48bdec67fb17ea83280a2e0f90997b0f7ed3d2efb7fceb6dc882b7
                                        
                                            GET /recipient-experience/static/ecstatic-brand/STARBUCKS/images/common/favicon.ico HTTP/1.1 
Host: s3static.cashstar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         151.101.84.138
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
                                        
x-amz-id-2: Qo576zZaFNwOJrOKKLbYjIZXrpQOKAKngq92VhanNA2CnGLv8EX0Jg2NFD08JxuzNh9MQP7KgV8=
x-amz-request-id: NN52T1SXY4VK941D
last-modified: Wed, 28 Sep 2022 01:41:13 GMT
etag: "fa1a0245a5a1c09d1120277096f03a3a"
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 12:09:53 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664366994.552131,VS0,VE402
vary: Accept-Encoding
content-length: 2061
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 24 bits/pixel\012- data
Size:   2061
Md5:    9d5549ba445d03f1a7c427ccc7c7c48d
Sha1:   2e0ca044e0f9ae4578412bae1b855abcb0290c8c
Sha256: 319a18ab79fece8cc9c741e9e9053b8181ab429fbebca9671adf2a6b9f2e644a
                                        
                                            GET /v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/api.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:52 GMT
cf-ray: 751c5f664b630b31-OSL
access-control-allow-origin: *
age: 2221673
cache-control: public, max-age=0, s-maxage=31536000
etag: W/"9c074fa2f1686c166f18918159ffba3f"
last-modified: Tue, 06 Apr 2021 03:28:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1
content-security-policy: default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
x-amz-id-2: kRy8+Qu8KQnocq1ptIuJvIcBLkNnIQPlqyW//D8IpQzKF19Qe4HHk/lio1tzGsUTsQ9QzbnuMi4=
x-amz-request-id: DWZKX5SVAG9D34E1
x-amz-version-id: null
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
Size:   58547
Md5:    bf104566a7bd0f24db4d3b3d127115ef
Sha1:   718eaf319c0963f8ffad36cc9426c2d283e02672
Sha256: 316ca9daee9ac33d8baa8cd9f9d303c86257eed3f7ac34125bdf743ecd282a4c
                                        
                                            GET /cdn/fc/js/9206feb20c7230e0652ccace34c0236e7f9a092c/standard/fc_general.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/gc/?token=932633439922123c6.6227394905&r=eu-west-1&metabgclr=%23ffffff&guitextcolor=%23000000&metaiconclr=%23757575&meta=3&pk=84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1&at=40&rid=67&ht=1&atp=2&cdn_url=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fclient-api.arkoselabs.com&smurl=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:55 GMT
cf-ray: 751c5f772d4f0b31-OSL
access-control-allow-origin: *
age: 1154692
cache-control: public, max-age=31536000, immutable
etag: W/"e094828e4789fa687a74ce9910035332"
last-modified: Tue, 13 Sep 2022 05:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-id-2: a4eDyLCmDfbKraPvE1Ks3/DTkrdQ2gohvZh/6FcAfhKKYzt6/ACN39m5cKAdwGW1Wat6+pDX2kI=
x-amz-request-id: AZ974VRKBKBM03PA
x-amz-version-id: KMV8AkfxHU6nS9hwHwGaDGI8hVvMCvvY
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65395)
Size:   44268
Md5:    88a60d30adf0100d36cd13984e7ec37f
Sha1:   f220e64b39e3846a00971e5160d0a2de6f8ccdff
Sha256: b5458d62d2b88048a861d71d29169af72736170ffca31e1520a232ce463697c8
                                        
                                            GET /cdn/fc/gc/css/min/9206feb20c7230e0652ccace34c0236e7f9a092c/fc-meta-3.css HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/gc/?token=932633439922123c6.6227394905&r=eu-west-1&metabgclr=%23ffffff&guitextcolor=%23000000&metaiconclr=%23757575&meta=3&pk=84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1&at=40&rid=67&ht=1&atp=2&cdn_url=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fclient-api.arkoselabs.com&smurl=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:55 GMT
cf-ray: 751c5f771d440b31-OSL
access-control-allow-origin: *
age: 1154692
cache-control: public, max-age=31536000, immutable
etag: W/"7f0d7a1c880f5c7f49c89c0b728d3f50"
last-modified: Tue, 13 Sep 2022 05:18:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-id-2: iPQDMwz35xlG7n4rlEVXyqLiegrPI0cU2J7xH9laqYG2aYWPLbQ+5ufdaSNzF9uXsC0NFAb8G8s=
x-amz-request-id: AZ9AR72XEJ81T91H
x-amz-version-id: WObMOrAZFFseAdOp17qZElsF43TVp5pH
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7724), with no line terminators
Size:   63757
Md5:    e9fec165b2fd2df23a9e0d9d4a17f334
Sha1:   9210d718b05de48200ac61ede7b5a199af965295
Sha256: 621ebb38c1d7dfc724009fd0027dba0d6e722704ae18b0240cf042115f661cbb
                                        
                                            GET /cdn/fc/assets/game3failureexamples/confounding-icons-pig-noloop/incorrect.gif HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/assets/tile-game-ui/13.33.0/standard/index.html?meta=3
Connection: keep-alive
Cookie: timestamp=166436600992837
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 28 Sep 2022 12:09:56 GMT
content-length: 58181
cf-ray: 751c5f7dfcc90b31-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1789335
cache-control: public, max-age=31536000, immutable
etag: "b52655d86260ed0e9bbeff096bbcd7a9"
last-modified: Tue, 21 Jun 2022 03:54:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-id-2: j9N+koeY/bfJeHB36hNQEYN/qjzG7Uka0Nn4xFoNhQFaHSZgXBfzPG4TK0VlF0n4QwSqVGuQAhA=
x-amz-request-id: 0HRWZBKC1QBEP7A8
x-amz-version-id: u06sECVo7X0cTGDh20pcBg7_qspOghKz
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 100\012- data
Size:   58181
Md5:    b52655d86260ed0e9bbeff096bbcd7a9
Sha1:   137b693105fba35288a91045b08101674d74a925
Sha256: 65392345fc7b8c39634ab8a3a14c1684fe3f1bfd4fdccea8cf970acc87c9f455
                                        
                                            POST /fc/a/ HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/gc/?token=932633439922123c6.6227394905&r=eu-west-1&metabgclr=%23ffffff&guitextcolor=%23000000&metaiconclr=%23757575&meta=3&pk=84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1&at=40&rid=67&ht=1&atp=2&cdn_url=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fclient-api.arkoselabs.com&smurl=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
cache-control: no-cache
X-NewRelic-Timestamp: 166436600992828
X-Requested-ID: {"ct":"vUaoii/TjKRihF4r8IxCeQ==","iv":"aeed80c35b555bfa9dd9f4a9a10a78b5","s":"bc5ac70047ea4b3c"}
X-Requested-With: XMLHttpRequest
Content-Length: 254
Origin: https://client-api.arkoselabs.com
Connection: keep-alive
Cookie: timestamp=166436600992828
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 12:09:55 GMT
cf-ray: 751c5f78bf180b31-OSL
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
hackers: www.arkoselabs.com/whitehat/
sregion: eu-west-1
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn/fc/js/9206feb20c7230e0652ccace34c0236e7f9a092c/standard/meta_bootstrap.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/gc/?token=932633439922123c6.6227394905&r=eu-west-1&metabgclr=%23ffffff&guitextcolor=%23000000&metaiconclr=%23757575&meta=3&pk=84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1&at=40&rid=67&ht=1&atp=2&cdn_url=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fclient-api.arkoselabs.com&smurl=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:55 GMT
cf-ray: 751c5f772d4b0b31-OSL
access-control-allow-origin: *
age: 1154692
cache-control: public, max-age=31536000, immutable
etag: W/"38b86cd7d263dff109361496aa8b3b1c"
last-modified: Tue, 13 Sep 2022 05:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-id-2: uLtoKr88QdX/sWIBq7wC6Hf29TcJsN/TEKMAl4lwnwxqFDeMAjFj8oD6D06VkPcdx7FPVZP0BtQ=
x-amz-request-id: AZ99HYFZR087ENGY
x-amz-version-id: uMdqO9BXXK0WLahq93UNx44UQ32VJ32x
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn/fc/gc/images/tick.svg HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/assets/tile-game-ui/13.33.0/standard/index.html?meta=3
Connection: keep-alive
Cookie: timestamp=166436600992837
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 12:09:56 GMT
cf-ray: 751c5f7e0ccc0b31-OSL
access-control-allow-origin: *
age: 13677782
cache-control: public, max-age=31536000, immutable
etag: W/"6a0184663bbc051c7f2445c4f56f9bd4"
last-modified: Wed, 24 Jun 2020 03:56:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-id-2: gqpRS3pFhdxkmCf5hhJPspSnyuhAHh1950qFsJJ4sAN5lspabf1c5SHbTeH/lvTujCTJq4+QkFU=
x-amz-request-id: DK6P7S9Q1J5K8TDY
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /fc/gt2/public_key/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1 HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 5520
Origin: https://client-api.arkoselabs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 12:09:54 GMT
cf-ray: 751c5f711f6b0b31-OSL
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
hackers: www.arkoselabs.com/whitehat/
sregion: eu-west-1
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fc/api/?onload=loadChallenge HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 12:09:53 GMT
cache-control: public, no-cache
etag: W/"9206feb20c7230e0652ccace34c0236e7f9a092c|sha384-AfSxux7Nq1lHNjQpOmMzWiqihaBjaGMCAhzlwzy2eIcH1J82nbqLpon7zDWR/EZ1"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
cf-ray: 751c5f6b99520b31-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /fc/a/ HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/gc/?token=932633439922123c6.6227394905&r=eu-west-1&metabgclr=%23ffffff&guitextcolor=%23000000&metaiconclr=%23757575&meta=3&pk=84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1&at=40&rid=67&ht=1&atp=2&cdn_url=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fclient-api.arkoselabs.com&smurl=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
cache-control: no-cache
X-NewRelic-Timestamp: 166436600994150
X-Requested-ID: {"ct":"YUgPQb10vgzlHAd5yKEUew==","iv":"db6d815b4d103779d139b46b8ddef05b","s":"c57ceae96be2151c"}
X-Requested-With: XMLHttpRequest
Content-Length: 180
Origin: https://client-api.arkoselabs.com
Connection: keep-alive
Cookie: timestamp=166436600994150
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 12:09:56 GMT
cf-ray: 751c5f80ffd50b31-OSL
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
hackers: www.arkoselabs.com/whitehat/
sregion: eu-west-1
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /fc/misc/refresh/ HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/gc/?token=932633439922123c6.6227394905&r=eu-west-1&metabgclr=%23ffffff&guitextcolor=%23000000&metaiconclr=%23757575&meta=3&pk=84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1&at=40&rid=67&ht=1&atp=2&cdn_url=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fclient-api.arkoselabs.com&smurl=https%3A%2F%2Fclient-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
cache-control: no-cache
X-NewRelic-Timestamp: 166436600994146
X-Requested-ID: {"ct":"eBp2dpYpOYnj10qrNe0aXw==","iv":"fdea084a1f8ecfadc45259b37a71c64a","s":"b2835d75a677fe03"}
X-Requested-With: XMLHttpRequest
Content-Length: 70
Origin: https://client-api.arkoselabs.com
Connection: keep-alive
Cookie: timestamp=166436600994150
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 12:09:56 GMT
cf-ray: 751c5f80efd00b31-OSL
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
hackers: www.arkoselabs.com/whitehat/
sregion: eu-west-1
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/public-key-style0.bundle.3d766c08bca4141d79359fa4df1f3ec1.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:53 GMT
cf-ray: 751c5f6b99530b31-OSL
access-control-allow-origin: *
age: 739519
cache-control: public, max-age=31536000, immutable
etag: W/"cc33f172e7a4659225d7734f4b6f4bae"
last-modified: Tue, 06 Apr 2021 03:28:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1
content-security-policy: default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
x-amz-id-2: WNW0f8bH4Q931QBXraKQDI15XOIDX5jWkBivhFgyYWiTJnZ3ZCjVm9ZPzzoTRC5jaWeN1oJfbMY=
x-amz-request-id: B50Q2CJS74ZJVV5M
x-amz-version-id: null
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asset/notice.js/v/v1.7-9931 HTTP/1.1 
Host: consent.trustarc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://starbucks.cashstar.com/
Origin: https://starbucks.cashstar.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
last-modified: Tue, 2 Aug 2022 10:46:29 GMT
pragma: public
timing-allow-origin: *
content-encoding: gzip
date: Wed, 28 Sep 2022 11:24:02 GMT
expires: Fri, 28 Oct 2022 11:24:02 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1FVwk0-ek_Lb7xvSTIEtsAsifQ0GLlLEpyomdX6AsZAcGW_QWY1OvA==
age: 2750
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.js HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/v2/84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1/enforcement.3d766c08bca4141d79359fa4df1f3ec1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 12:09:53 GMT
cf-ray: 751c5f6a78270b31-OSL
access-control-allow-origin: *
age: 7350653
cache-control: public, max-age=31536000, immutable
etag: W/"1657fd1e2b15310ccf26634a0f575107"
last-modified: Tue, 06 Apr 2021 03:28:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 84E1DACC-3B8E-04D6-6E35-2A7D2B8ACFE1
content-security-policy: default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
x-amz-id-2: r4tdMIyeJM/xEnT4rbEdWHklKaeDrrzMFP4tjjcsDYe6QO6ig6sPgBSc6S7Glvx0RknO3+zN2Yo=
x-amz-request-id: GCZ7DJWJJSK0358X
x-amz-version-id: null
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn/fc/gc/images/cross.svg HTTP/1.1 
Host: client-api.arkoselabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client-api.arkoselabs.com/fc/assets/tile-game-ui/13.33.0/standard/index.html?meta=3
Connection: keep-alive
Cookie: timestamp=166436600992837
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.64.145.27
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 12:09:56 GMT
cf-ray: 751c5f7e0ccf0b31-OSL
access-control-allow-origin: *
age: 12477194
cache-control: public, max-age=31536000, immutable
etag: W/"e8be187f6e680a2a6ab4b1497dc4eb37"
last-modified: Wed, 24 Jun 2020 03:56:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-id-2: yUvbbTVKh7KLTgi1Elvtdmvi1hd48FFuvIwR7LUNocf3lk8ZJCc7/5BnZ7x+ocJmB5ruHTrc5g8=
x-amz-request-id: 5KSQ42NXJRCRAB2P
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---