signin.costco.com Open in urlscan Pro
23.36.163.240  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://sameday.costco.com/s/NmkyQjNNNnlw Page URL
2. https://order-sameday.costco.com/t/NmkyQjNNNnlw HTTP 301
   https://sameday.costco.com/account/order/ic/08018152283859430722 Page URL
   
3. https://www.costco.com/logon-instacart?redirect_uri=https://sameday.costco.com/social-redirect/costco_idp HTTP 302
   https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://order-sameday.costco.com/t/NmkyQjNNNnlw HTTP 301
• https://sameday.costco.com/account/order/ic/08018152283859430722

Request Chain 144

• https://cm.everesttech.net/cm/dd?d_uuid=37735878669385250010515610872530683861 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=YufglgAAAGA9-AN-

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	NmkyQjNNNnlw Show response sameday.costco.com/s/	5 KB 3 KB	328ms 171ms	Document text/html	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de7f82b6cfdb734ac8a2fb7ad9f6d214a9a76bb1ba12db539ec7cb457c2edbc1 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 733f3328ec809be8-FRA content-encoding br content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com content-type text/html date Mon, 01 Aug 2022 14:17:52 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Thu, 28 Jul 2022 14:50:08 GMT referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 google x-content-type-options nosniff x-dns-prefetch-control off x-envoy-upstream-service-time 2 x-frame-options sameorigin x-xss-protection 1; mode=block
GET H2	200	runtime.ddc01349.js Show response sameday.costco.com/	6 KB 3 KB	30ms 28ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/runtime.ddc01349.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 644fd67f9d33cb0a94e9929ad7aa880184c1198a355f2098c73a5fe38da6cac3 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:52 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 331026 x-dns-prefetch-control off x-envoy-upstream-service-time 0 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-1883" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332a0e6e9be8-FRA expires Fri, 28 Jul 2023 18:20:46 GMT
GET H2	200	1746.9c0d0a5a.js Show response sameday.costco.com/	2 MB 492 KB	34ms 33ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/1746.9c0d0a5a.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 262505b7bd3e5e376187e421f647da2465ba28494d5e6d751d4f199667be4929 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:52 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 176154 cf-polished origSize=1608288 x-dns-prefetch-control off x-envoy-upstream-service-time 0 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-749ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332a0e729be8-FRA expires Sun, 30 Jul 2023 13:21:58 GMT
GET H3	200	app.609fc863.js Show response sameday.costco.com/	1 MB 396 KB	31ms 30ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/app.609fc863.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09eac5cd1891cfe08f2060d5f8753c4207b10990e9f23f81cbbcc7199740734c Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 185534 cf-polished origSize=1211381 x-dns-prefetch-control off x-envoy-upstream-service-time 2 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-62299" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332b19049055-FRA expires Sun, 30 Jul 2023 10:45:39 GMT
GET H3	200	ie.efe6cbef.js Show response sameday.costco.com/	934 B 1 KB	38ms 38ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/ie.efe6cbef.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cbbb15134eb811c99f0456fc33d8b24475cafc99831833a303204e93b6cef08 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1044169 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-3a6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332b59ab9055-FRA expires Thu, 20 Jul 2023 12:15:04 GMT
GET H3	200	polyfills.67139b2f.js Show response sameday.costco.com/	9 KB 4 KB	30ms 30ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/polyfills.67139b2f.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4560f024cd9ce95b400e8589861fddce005137d35017c86b3e5aa24d71410adc Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1044169 cf-polished origSize=9040 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-2350" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332b9a1e9055-FRA expires Thu, 20 Jul 2023 12:15:04 GMT
GET H2	200	app.dc4e82f3.css sameday.costco.com/	732 KB 138 KB	28ms 27ms	Stylesheet text/css	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/app.dc4e82f3.css Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ae6002605938d6c21d23b1c3668196884e851c6d221824a8856ea33ba6f498a Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:52 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1053120 x-dns-prefetch-control off x-envoy-upstream-service-time 0 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-21743" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332a0e6f9be8-FRA expires Thu, 20 Jul 2023 09:45:52 GMT
GET H2	200	ie.f9b0a824.css sameday.costco.com/	829 B 545 B	27ms 26ms	Stylesheet text/css	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/ie.f9b0a824.css Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2128c4a60bf286ca9f1751a713f5346ed2d98aab1500f2e378090f302c8a782e Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:52 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1053120 x-dns-prefetch-control off x-envoy-upstream-service-time 3 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-33d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332a0e719be8-FRA expires Thu, 20 Jul 2023 09:45:52 GMT
GET H2	200	env-config.js Show response sameday.costco.com/	153 B 347 B	157ms 156ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/env-config.js?v=1 Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec19b24688152abedd5bb3a39ccc1cb5b6dfb32af88e3649f777c9b2de8b5d5f Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status MISS x-dns-prefetch-control off x-envoy-upstream-service-time 1 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 29 Jul 2022 21:41:32 GMT server cloudflare x-frame-options sameorigin etag W/"62e4540c-99" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control no-cache,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332a1e8f9be8-FRA expires Mon, 01 Aug 2022 14:17:52 GMT
GET H2	200	frontend-config.js Show response sameday.costco.com/	171 KB 53 KB	186ms 186ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/frontend-config.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 023f9d3c67c6670f3c18e3567889bb4f5f90dd9e2988a90fc2ba3c5525d10bd5 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status MISS x-dns-prefetch-control off x-envoy-upstream-service-time 2 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 29 Jul 2022 21:42:32 GMT server cloudflare x-frame-options sameorigin etag W/"62e45448-2aadb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control no-cache,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332a1e929be8-FRA expires Mon, 01 Aug 2022 14:17:52 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 8 KB	37ms 17ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d06c1d1f95928227b923f8e2b201da367b26a9f30cce47c39eb994bdc1120eea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 XGsNmGJmo+/l1+I4Ho2svw== age 716 vary Accept-Encoding content-length 7093 x-ms-lease-status unlocked last-modified Mon, 01 Aug 2022 02:45:23 GMT server cloudflare etag 0x8DA7367E19AD3E8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id b3f2a024-901e-003e-2653-a56ec7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f332b7af5928d-FRA
GET H2	200	2653cf4b-5c84-40d7-a99b-fa6e1592503b.json Show response cdn.cookielaw.org/consent/2653cf4b-5c84-40d7-a99b-fa6e1592503b/	3 KB 2 KB	80ms 55ms	XHR application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/2653cf4b-5c84-40d7-a99b-fa6e1592503b/2653cf4b-5c84-40d7-a99b-fa6e1592503b.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 910d1b02b39c21741735ce4eda10fd396cae42f44468ac49ae95d5d136fb6854 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 CYyS8sQRTEf7la8GE0TFZQ== vary Accept-Encoding content-length 1302 x-ms-lease-status unlocked last-modified Wed, 19 Jan 2022 00:39:54 GMT server cloudflare etag 0x8D9DAE435F37810 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 464b0abb-c01e-00e1-5e1a-573f93000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f332bcd8e9b2d-FRA expires Mon, 01 Aug 2022 18:17:53 GMT
GET H3	200	3131.31d05b39.chunk.js Show response sameday.costco.com/js/	2 KB 2 KB	25ms 25ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/js/3131.31d05b39.chunk.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0a8ae95aa5313362da9f813414eb4c8464e4ec3b5e1b110fdcc6c8eb86c25e6 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1044168 x-dns-prefetch-control off x-envoy-upstream-service-time 2 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-9c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332c3b0d9055-FRA expires Thu, 20 Jul 2023 12:15:05 GMT
POST H2	200	/ Show response o502263.ingest.sentry.io/api/66740/envelope/	2 B 278 B	33ms 10ms	Fetch application/json	34.120.195.249 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://o502263.ingest.sentry.io/api/66740/envelope/?sentry_key=3b3e513109284a97bcc8dd5a3492681a&sentry_version=7 Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google server nginx vary Origin content-type application/json access-control-allow-origin https://sameday.costco.com access-control-expose-headers retry-after, x-sentry-error, x-sentry-rate-limits x-envoy-upstream-service-time 0 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
GET DATA	200 OK	truncated /	821 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cfeb9d5512e0b20d4999f9d30c3d7a7b8eafd005786e846c8ed300d242ca9c9a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	176 B 458 B	63ms 45ms	XHR application/json	2606:4700:4400::6812:2962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 733f332d0a07bb80-FRA access-control-allow-headers Content-Type
GET H3	200	frontend_configs Show response sameday.costco.com/api/v2/facts/	40 B 491 B	192ms 178ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/facts/frontend_configs Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbb452bee546a04f34c934229591aa61aeec286d0d47bc3e07efe3e908aee503 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Referer https://sameday.costco.com/s/NmkyQjNNNnlw accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjpudWxsLCJUcmlhbFVzZXIiOnRydWV9 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 12 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 1238a209-f58d-91a7-a52e-8977595be764 cf-ray 733f332d0c6b9bb2-FRA
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.24.0/	317 KB 76 KB	15ms 15ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 V5hcbF1dEgrls6P2M61C9g== age 339 vary Accept-Encoding content-length 77260 x-ms-lease-status unlocked last-modified Thu, 30 Sep 2021 02:38:37 GMT server cloudflare etag 0x8D983BB67EEBDFE expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 90d13ccb-201e-0063-52cf-119ec3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f332d4e08928d-FRA
GET H2	200	en.json Show response cdn.cookielaw.org/consent/2653cf4b-5c84-40d7-a99b-fa6e1592503b/32565fb0-44fb-4700-ac02-0ef874248423/	159 KB 30 KB	61ms 61ms	Fetch application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/2653cf4b-5c84-40d7-a99b-fa6e1592503b/32565fb0-44fb-4700-ac02-0ef874248423/en.json Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7583d94fc2f8ff09aba37de359d10dd090ba8fd02fa51937d7020bf513468b66 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 3CNT9LgbiPKbZtQei25Rgg== vary Accept-Encoding content-length 30416 x-ms-lease-status unlocked last-modified Wed, 19 Jan 2022 00:40:02 GMT server cloudflare etag 0x8D9DAE43AE47B63 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id f6bdae9d-e01e-00d4-70d1-5791c6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f332d88209b2d-FRA expires Mon, 01 Aug 2022 18:17:53 GMT
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/	46 KB 12 KB	37ms 37ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/otPcTab.json Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f766c61297183207dea435ddd5ce006c7230aa27c834bb1bc4dbe01b83d97d69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 x/n5vYdkes7sKCqU8TquDQ== vary Accept-Encoding content-length 11861 x-ms-lease-status unlocked last-modified Thu, 30 Sep 2021 02:38:30 GMT server cloudflare etag 0x8D983BB63F26533 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 7ea07924-501e-0001-20d1-57d91b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f332df8c49b2d-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/6.24.0/assets/	20 KB 4 KB	39ms 38ms	Fetch text/css	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:53 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Ye6OeZcNyuFoWog7CYs00A== vary Accept-Encoding x-ms-lease-status unlocked last-modified Thu, 30 Sep 2021 02:38:45 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id 0390816c-301e-0077-12d1-575da7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 733f332df8c59b2d-FRA
GET H3	200	627.acc5a90b.chunk.js sameday.costco.com/js/	1 KB 1 KB	172ms 171ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/js/627.acc5a90b.chunk.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status MISS x-dns-prefetch-control off x-envoy-upstream-service-time 5 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-4f2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332e6df49055-FRA expires Tue, 01 Aug 2023 14:17:53 GMT
GET H3	200	8021.704b891a.chunk.js Show response sameday.costco.com/js/	277 KB 98 KB	29ms 29ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/js/8021.704b891a.chunk.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d14c50a680122a769165a48c271d0a08bc4bc68ca263b9726894d669f9b23fa Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 185532 cf-polished origSize=283720 x-dns-prefetch-control off x-envoy-upstream-service-time 0 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-17376" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332e6df69055-FRA expires Sun, 30 Jul 2023 10:45:41 GMT
GET H3	200	2559.84433088.chunk.css sameday.costco.com/	3 KB 1022 B	27ms 27ms	Stylesheet text/css	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/2559.84433088.chunk.css Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 381d582701b3a35177c9a88c104f5737a599c2c6eca4fe065b0eac5ba2523d6a Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 185532 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-c17" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332e6df79055-FRA expires Sun, 30 Jul 2023 10:45:41 GMT
GET H3	200	2559.003cdd23.chunk.js Show response sameday.costco.com/js/	2 MB 447 KB	30ms 30ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/js/2559.003cdd23.chunk.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38789380066f5ce2030cfbffdb3796d2e8d083ea683fa1b1f0fa1e0d6f32e18a Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/s/NmkyQjNNNnlw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 323448 x-dns-prefetch-control off x-envoy-upstream-service-time 0 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-6b4c7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f332e6dfa9055-FRA expires Fri, 28 Jul 2023 20:27:05 GMT
GET DATA	200 OK	truncated /	5 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13526ae4e5a5d15aeec3e97577b2edc0bbd464f4f8ffade8fd439ffdd5aa3220 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ js.stripe.com/v3/	315 KB 77 KB	69ms 10ms	Script text/javascript	99.86.4.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: sameday.costco.com URL: https://sameday.costco.com/js/2559.003cdd23.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-76.fra6.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 3 x-cache Hit from cloudfront date Mon, 01 Aug 2022 14:17:53 GMT via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) last-modified Fri, 29 Jul 2022 21:59:58 GMT server Cloudfront etag W/"07a669093ca7a9afa58da1b05dce764d" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 x-amz-cf-pop FRA6-C1 timing-allow-origin * x-amz-cf-id fl5tCQgGMDwThv5_bAvViDovvj9BrILrW1tFsW4YbKr0zltuqlFatg==
GET H2	200	analytics.min.js cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/	95 KB 26 KB	56ms 9ms	Script text/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/analytics.min.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-version-id uh5HeSkTzJXHAbKrXzJQQsNFW4WMkxRa content-encoding br etag W/"621da30f8025d10366d5e197f0de0e51" age 90 x-cache Hit from cloudfront access-control-max-age 3000 x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Thu, 07 Jul 2022 00:32:38 GMT server AmazonS3 date Mon, 01 Aug 2022 14:16:24 GMT vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) cache-control public, max-age=120 x-amz-cf-pop FRA6-C1 x-amz-cf-id CajKu-rQXVCP4E767j6OY7qQ45U-UEytzD1OxEZP7R2q2t79CtY_6g==
POST H3	201	user_sessions sameday.costco.com/api/v2/	298 B 1 KB	166ms 165ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/user_sessions Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Referer https://sameday.costco.com/s/NmkyQjNNNnlw accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjpudWxsLCJUcmlhbFVzZXIiOnRydWV9 Response headers date Mon, 01 Aug 2022 14:17:54 GMT via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 21 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin https://sameday.costco.com vary Cookie, Accept-Encoding cache-control no-store access-control-allow-credentials true content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 22676bbb-fc16-9af1-8624-a4597a839496 cf-ray 733f33302a3a9bb2-FRA access-control-expose-headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,User-Context,X-Unata-Dev-Auth,X-Unata-Request-Source,Vary,Pragma,x-request-id,X-Unata-Mode,x-story-book-proxy,X-Maintenance-Mode,X-Snr-Id,X-Unata-Page-Attribution-Route,X-Unata-Page-View-Id,X-Connect-Auth,X-Event-Destination
POST H2	201	consentreceipts privacyportal.onetrust.com/request/v1/	0 257 B	240ms 204ms	Ping text/plain	2606:4700:4400::ac40:929e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://privacyportal.onetrust.com/request/v1/consentreceipts Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 01 Aug 2022 14:17:54 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 733f333069e2bbc5-FRA content-length 0
POST H2	202	rum rum.browser-intake-datadoghq.com/api/v2/	0 0	432ms 226ms	Ping application/json	2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.2.0%2Cenv%3Aprod%2Cservice%3Aprod-cus-platform-master.web%2Cversion%3Adev&dd-api-key=pubc3a17870d897b5dd89eb2762efce143a&dd-evp-origin-version=4.2.0&dd-evp-origin=browser&dd-request-id=a2e963dc-43bd-47f9-b3b4-5cf4fc115c4a&batch_time=1659363473946 Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash Request headers Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H3	200	08018152283859430722 Show response sameday.costco.com/account/order/ic/ Redirect Chain https://order-sameday.costco.com/t/NmkyQjNNNnlw? https://sameday.costco.com/account/order/ic/08018152283859430722	5 KB 2 KB	162ms 162ms	Document text/html	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de7f82b6cfdb734ac8a2fb7ad9f6d214a9a76bb1ba12db539ec7cb457c2edbc1 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://sameday.costco.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 733f3332cbb39055-FRA content-encoding br content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com content-type text/html date Mon, 01 Aug 2022 14:17:54 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Thu, 28 Jul 2022 14:50:08 GMT referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 google x-content-type-options nosniff x-dns-prefetch-control off x-envoy-upstream-service-time 2 x-frame-options sameorigin x-xss-protection 1; mode=block Redirect headers cache-control no-cache content-type text/html; charset=utf-8 date Mon, 01 Aug 2022 14:17:54 GMT location https://sameday.costco.com/account/order/ic/08018152283859430722 server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Origin via 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront) x-amz-cf-id 50O2sKvF_OWIfd_LGoq7RgTa6-_4OQQ7ZqmFLp8MZL_JG0yo77QhVQ== x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront x-request-id 92d26b18-2b16-4a73-a90a-b527bcf54297 x-runtime 0.056394
GET DATA	200 OK	truncated /	5 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Referer Origin https://sameday.costco.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	settings cdn.segment.com/v1/projects/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/	600 B 1 KB	25ms 9ms	XHR application/json	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/settings Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-version-id TYxSLSxVk5a9SR3ma8owYuTx19vIythY via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) etag "91311441a89aa70ebd73576140ad1fad" age 10577 x-cache Hit from cloudfront access-control-max-age 3000 x-amz-replication-status COMPLETED content-length 600 last-modified Mon, 09 May 2022 22:54:08 GMT server AmazonS3 date Mon, 01 Aug 2022 11:29:44 GMT vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 x-amz-cf-pop FRA6-C1 accept-ranges bytes x-amz-cf-id jDfdrlHkIp6FId3o1QMUNRb_oiT6g2l8N_9X8dhwX26PczZ3gDNf7Q==
GET H2	200	m-outer-e38946e804432be68f641f02ebc1364f.html js.stripe.com/v3/ Frame DBA4	240 B 1 KB	9ms 8ms	Document text/html	99.86.4.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-76.fra6.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://sameday.costco.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 745 cache-control max-age=31536000 content-length 240 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 01 Aug 2022 14:05:39 GMT etag "e38946e804432be68f641f02ebc1364f" last-modified Fri, 29 Jul 2022 21:27:52 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-amz-cf-id 1P3_FQ7kdr28Rt7KHrW2_W0r4gRSWIOmce6quqdyt9yqTahpm5dUcQ== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	870.bundle.323974846b6d45afb45e.js cdn.segment.com/analytics-next/bundles/	17 KB 5 KB	10ms 9ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 30 Jun 2022 04:14:53 GMT content-encoding br vary Accept-Encoding age 2800982 x-cache Hit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Thu, 30 Jun 2022 00:39:24 GMT server AmazonS3 etag W/"d471f2a8b801a51bbc09c91b3f90b749" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id eGdtYNgVU7C.sD0ud7vKl0kuuvXdbYqu via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) cache-control public,max-age=31536000,immutable x-amz-cf-pop FRA6-C1 content-type application/javascript x-amz-cf-id sUTE59shxzoYISPhakImxM8zdu_OirIGtozzXMlVF9K7w03vMZ2r_w==
GET H2	200	ajs-destination.bundle.35a8f6f19959bf2f455f.js cdn.segment.com/analytics-next/bundles/	10 KB 4 KB	10ms 10ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 30 Jun 2022 04:14:53 GMT content-encoding br vary Accept-Encoding age 2800982 x-cache Hit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Thu, 30 Jun 2022 00:39:24 GMT server AmazonS3 etag W/"e0f89f667fb8d2b50aa8e29a86a4c9b1" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id rRSPxUD4JSPvaFMNmUXrTxb4ziC5WpWM via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) cache-control public,max-age=31536000,immutable x-amz-cf-pop FRA6-C1 content-type application/javascript x-amz-cf-id 4xON8bv0mnStNINtS7KChCCue0Lb-e1McNp0DIA4-Mr816NXYlLafA==
POST H2	200	csp-report q.stripe.com/ Frame DBA4	0 571 B	717ms 360ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 01 Aug 2022 14:17:54 GMT x-content-type-options nosniff x-envoy-upstream-service-time 190 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame DBA4	0 572 B	552ms 195ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 01 Aug 2022 14:17:54 GMT x-content-type-options nosniff x-envoy-upstream-service-time 24 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	m-outer-613f8ee1abc1602a543fee9327eab032.js js.stripe.com/v3/fingerprinted/js/ Frame DBA4	526 B 1020 B	8ms 8ms	Script text/javascript	99.86.4.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-613f8ee1abc1602a543fee9327eab032.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-76.fra6.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-content-type-options nosniff age 20 x-cache Hit from cloudfront date Mon, 01 Aug 2022 14:17:38 GMT content-length 526 last-modified Fri, 29 Jul 2022 21:27:51 GMT server Cloudfront etag "d96c709017743c0759cf3853d1806ba5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 x-amz-cf-pop FRA6-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id 2om9nkFwIEceBIkyoCdI5B8iT86IIzb6atMjTH3TUMGr0tPWbpVs1A==
GET H2	200	schemaFilter.bundle.debb169c1abb431faaa6.js cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	7ms 7ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 30 Jun 2022 04:14:57 GMT content-encoding br vary Accept-Encoding age 2800978 x-cache Hit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Thu, 30 Jun 2022 00:39:24 GMT server AmazonS3 etag W/"3e448afdfea355c0f19700d04431ce7d" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id 2Zx1lLvKGQVUN0CW_0j0kkuvMQ5TNtLg via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) cache-control public,max-age=31536000,immutable x-amz-cf-pop FRA6-C1 content-type application/javascript x-amz-cf-id cqdvO2e32c0QBuTX_qp9-gGcienhZTrOrIJx0mdwWg4bC04W36HkXA==
GET H2	200	inner.html m.stripe.network/ Frame E5CD	930 B 2 KB	67ms 10ms	Document text/html	99.86.4.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-613f8ee1abc1602a543fee9327eab032.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-85.fra6.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 01 Aug 2022 14:17:54 GMT etag "fc2e029628f163bb59adc6fa5a31161c" last-modified Thu, 17 Mar 2022 19:03:12 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) x-amz-cf-id 0qpf-EpoBnJan-D9fHV8HXaMazZLX2sFUavgpN-Kuy0TGGAo8-Y-YA== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H3	401	user sameday.costco.com/api/v2/	376 B 788 B	203ms 202ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/user Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOm51bGwsImFkbWludXNlcl9pZCI6bnVsbCwiYW5vbnltb3VzIjp0cnVlLCJpYXQiOjE2NTkzNjM0NzR9.iQv6SqDIcudFtKKNfDNBP1KtJ1KvJXJnWhWMRypUChg Referer https://sameday.costco.com/s/NmkyQjNNNnlw accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjpudWxsLCJUcmlhbFVzZXIiOnRydWV9 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 46 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:54 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 2ae13210-8230-983d-a0d3-446329925200 cf-ray 733f33314c529bb2-FRA
POST H2	200	csp-report q.stripe.com/ Frame E5CD	0 345 B	466ms 196ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Mon, 01 Aug 2022 14:17:54 GMT referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload cache-control max-age=0, no-cache, no-store, must-revalidate x-envoy-upstream-service-time 24 x-robots-tag none content-length 0 x-content-type-options nosniff expires 0
GET H2	200	out-4.5.42.js m.stripe.network/ Frame E5CD	86 KB 14 KB	9ms 9ms	Script text/javascript	99.86.4.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.42.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-85.fra6.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff last-modified Thu, 17 Mar 2022 19:03:12 GMT server Cloudfront age 227 date Mon, 01 Aug 2022 14:14:10 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) cache-control max-age=300, public x-amz-cf-pop FRA6-C1 x-amz-cf-id qdXC7iWDZVnIXuW52FCYVTRd60Zx2Il80kc9jrK6gcbMCPkzl2gzAw== etag W/"21df7244385e5c0bdf32da01d0dad6c0"
POST		6 m.stripe.com/ Frame E5CD	0 0
POST H3	201	users sameday.costco.com/api/v2/	2 KB 3 KB	410ms 410ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/users Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOm51bGwsImFkbWludXNlcl9pZCI6bnVsbCwiYW5vbnltb3VzIjp0cnVlLCJpYXQiOjE2NTkzNjM0NzR9.iQv6SqDIcudFtKKNfDNBP1KtJ1KvJXJnWhWMRypUChg Referer https://sameday.costco.com/s/NmkyQjNNNnlw accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjpudWxsLCJUcmlhbFVzZXIiOnRydWV9 Response headers date Mon, 01 Aug 2022 14:17:54 GMT via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 258 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin https://sameday.costco.com vary Cookie, Accept-Encoding cache-control no-store access-control-allow-credentials true content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id fbf0dd91-7de2-978e-8919-37f9afefdb05 cf-ray 733f33329f7c9bb2-FRA access-control-expose-headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,User-Context,X-Unata-Dev-Auth,X-Unata-Request-Source,Vary,Pragma,x-request-id,X-Unata-Mode,x-story-book-proxy,X-Maintenance-Mode,X-Snr-Id,X-Unata-Page-Attribution-Route,X-Unata-Page-View-Id,X-Connect-Auth,X-Event-Destination
GET DATA	200 OK	truncated /	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	icons.42609971.woff2 sameday.costco.com/fonts/	17 KB 18 KB	154ms 154ms	Font application/octet-stream	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/fonts/icons.42609971.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://sameday.costco.com/s/NmkyQjNNNnlw Origin https://sameday.costco.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:54 GMT via 1.1 google x-content-type-options nosniff cf-cache-status MISS x-dns-prefetch-control off x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17804 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin expires Tue, 01 Aug 2023 14:17:54 GMT last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag "62e2a220-458c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/octet-stream access-control-allow-origin https://sameday.costco.com vary Accept-Encoding cache-control max-age=31536000,public access-control-allow-credentials true content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com accept-ranges bytes cf-ray 733f33355eed9055-FRA access-control-expose-headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,User-Context,X-Unata-Dev-Auth,X-Unata-Request-Source,Vary,Pragma,x-request-id,X-Unata-Mode,x-story-book-proxy,X-Maintenance-Mode,X-Snr-Id,X-Unata-Page-Attribution-Route,X-Unata-Page-View-Id,X-Connect-Auth,X-Event-Destination
GET		profile sameday.costco.com/api/v2/user/	0 0
GET		cart sameday.costco.com/api/v2/	0 0
GET		free_delivery_header_banner sameday.costco.com/api/v2/placements/	0 0
GET		header_banner sameday.costco.com/api/v2/placements/	0 0
GET		loyalty_cards sameday.costco.com/api/v2/	0 0
GET		categories sameday.costco.com/api/v2/	0 0
GET		frontend_configs sameday.costco.com/api/v2/facts/	0 0
GET		merchandised_landing_page sameday.costco.com/api/v2/	0 0
POST		rum rum.browser-intake-datadoghq.com/api/v2/	0 0
POST		/ o502263.ingest.sentry.io/api/66740/envelope/	0 0
POST		/ o502263.ingest.sentry.io/api/66740/store/	0 0
GET H3	200	runtime.ddc01349.js Show response sameday.costco.com/	6 KB 4 KB	31ms 30ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/runtime.ddc01349.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 644fd67f9d33cb0a94e9929ad7aa880184c1198a355f2098c73a5fe38da6cac3 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 323455 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-1883" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33382a389055-FRA expires Fri, 28 Jul 2023 20:27:00 GMT
GET H3	200	1746.9c0d0a5a.js Show response sameday.costco.com/	2 MB 493 KB	32ms 31ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/1746.9c0d0a5a.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 262505b7bd3e5e376187e421f647da2465ba28494d5e6d751d4f199667be4929 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 185536 cf-polished origSize=1608288 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-749ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33382a399055-FRA expires Sun, 30 Jul 2023 10:45:39 GMT
GET H3	200	app.609fc863.js Show response sameday.costco.com/	1 MB 396 KB	24ms 23ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/app.609fc863.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09eac5cd1891cfe08f2060d5f8753c4207b10990e9f23f81cbbcc7199740734c Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 185536 cf-polished origSize=1211381 x-dns-prefetch-control off x-envoy-upstream-service-time 2 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-62299" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33393c0e9055-FRA expires Sun, 30 Jul 2023 10:45:39 GMT
GET H3	200	ie.efe6cbef.js Show response sameday.costco.com/	934 B 1 KB	28ms 28ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/ie.efe6cbef.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cbbb15134eb811c99f0456fc33d8b24475cafc99831833a303204e93b6cef08 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1044171 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-3a6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33394c1a9055-FRA expires Thu, 20 Jul 2023 12:15:04 GMT
GET H3	200	polyfills.67139b2f.js Show response sameday.costco.com/	9 KB 4 KB	22ms 21ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/polyfills.67139b2f.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4560f024cd9ce95b400e8589861fddce005137d35017c86b3e5aa24d71410adc Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1044171 cf-polished origSize=9040 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-2350" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33399c7a9055-FRA expires Thu, 20 Jul 2023 12:15:04 GMT
GET H3	200	app.dc4e82f3.css sameday.costco.com/	732 KB 137 KB	33ms 32ms	Stylesheet text/css	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/app.dc4e82f3.css Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1ae6002605938d6c21d23b1c3668196884e851c6d221824a8856ea33ba6f498a Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1044819 x-dns-prefetch-control off x-envoy-upstream-service-time 0 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-21743" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33382a3b9055-FRA expires Thu, 20 Jul 2023 12:04:16 GMT
GET H3	200	ie.f9b0a824.css sameday.costco.com/	829 B 946 B	33ms 32ms	Stylesheet text/css	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/ie.f9b0a824.css Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2128c4a60bf286ca9f1751a713f5346ed2d98aab1500f2e378090f302c8a782e Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1044819 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-33d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33382a3d9055-FRA expires Thu, 20 Jul 2023 12:04:16 GMT
GET H3	200	env-config.js Show response sameday.costco.com/	153 B 737 B	163ms 162ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/env-config.js?v=1 Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec19b24688152abedd5bb3a39ccc1cb5b6dfb32af88e3649f777c9b2de8b5d5f Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status MISS x-dns-prefetch-control off x-envoy-upstream-service-time 3 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 29 Jul 2022 21:42:32 GMT server cloudflare x-frame-options sameorigin etag W/"62e45448-99" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control no-cache,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33382a3e9055-FRA expires Mon, 01 Aug 2022 14:17:54 GMT
GET H3	200	frontend-config.js Show response sameday.costco.com/	171 KB 53 KB	163ms 163ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/frontend-config.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 023f9d3c67c6670f3c18e3567889bb4f5f90dd9e2988a90fc2ba3c5525d10bd5 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status MISS x-dns-prefetch-control off x-envoy-upstream-service-time 2 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 29 Jul 2022 21:42:32 GMT server cloudflare x-frame-options sameorigin etag W/"62e45448-2aadb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control no-cache,no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f33382a3f9055-FRA expires Mon, 01 Aug 2022 14:17:54 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	16ms 16ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/account/order/ic/08018152283859430722 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d06c1d1f95928227b923f8e2b201da367b26a9f30cce47c39eb994bdc1120eea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 XGsNmGJmo+/l1+I4Ho2svw== age 718 vary Accept-Encoding content-length 7093 x-ms-lease-status unlocked last-modified Mon, 01 Aug 2022 02:45:23 GMT server cloudflare etag 0x8DA7367E19AD3E8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id b3f2a024-901e-003e-2653-a56ec7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f33394ed7928d-FRA
GET H2	200	2653cf4b-5c84-40d7-a99b-fa6e1592503b.json Show response cdn.cookielaw.org/consent/2653cf4b-5c84-40d7-a99b-fa6e1592503b/	3 KB 1 KB	16ms 15ms	XHR application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/2653cf4b-5c84-40d7-a99b-fa6e1592503b/2653cf4b-5c84-40d7-a99b-fa6e1592503b.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 910d1b02b39c21741735ce4eda10fd396cae42f44468ac49ae95d5d136fb6854 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 CYyS8sQRTEf7la8GE0TFZQ== age 2 vary Accept-Encoding content-length 1302 x-ms-lease-status unlocked last-modified Wed, 19 Jan 2022 00:39:54 GMT server cloudflare etag 0x8D9DAE435F37810 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 464b0abb-c01e-00e1-5e1a-573f93000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f333a0d579b2d-FRA expires Mon, 01 Aug 2022 18:17:55 GMT
GET H3	200	3131.31d05b39.chunk.js Show response sameday.costco.com/js/	2 KB 2 KB	27ms 27ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/js/3131.31d05b39.chunk.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0a8ae95aa5313362da9f813414eb4c8464e4ec3b5e1b110fdcc6c8eb86c25e6 Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 1044170 x-dns-prefetch-control off x-envoy-upstream-service-time 2 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Fri, 15 Jul 2022 20:46:13 GMT server cloudflare x-frame-options sameorigin etag W/"62d1d215-9c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f333a4d689055-FRA expires Thu, 20 Jul 2023 12:15:05 GMT
POST H3	200	/ Show response o502263.ingest.sentry.io/api/66740/envelope/	2 B 20 B	10ms 10ms	Fetch application/json	34.120.195.249 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://o502263.ingest.sentry.io/api/66740/envelope/?sentry_key=3b3e513109284a97bcc8dd5a3492681a&sentry_version=7 Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google server nginx vary Origin content-type application/json access-control-allow-origin https://sameday.costco.com access-control-expose-headers x-sentry-error, x-sentry-rate-limits, retry-after x-envoy-upstream-service-time 1 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
GET DATA	200 OK	truncated /	821 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cfeb9d5512e0b20d4999f9d30c3d7a7b8eafd005786e846c8ed300d242ca9c9a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	176 B 234 B	36ms 35ms	XHR application/json	2606:4700:4400::6812:2962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 733f333a6ef2bb80-FRA access-control-allow-headers Content-Type
GET H3	200	frontend_configs Show response sameday.costco.com/api/v2/facts/	169 B 542 B	333ms 333ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/facts/frontend_configs Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c75d879373ff374d99006eb93ba0535258f7229e569dd7f6e1d6f228a54e8109 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjpudWxsLCJUcmlhbFVzZXIiOnRydWV9 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 83 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:55 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id a29d5baa-bfd5-936a-9bf9-bf8bb6d0d9f5 cf-ray 733f333a6f589bb2-FRA
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.24.0/	317 KB 76 KB	15ms 14ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 V5hcbF1dEgrls6P2M61C9g== age 341 vary Accept-Encoding content-length 77260 x-ms-lease-status unlocked last-modified Thu, 30 Sep 2021 02:38:37 GMT server cloudflare etag 0x8D983BB67EEBDFE expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 90d13ccb-201e-0063-52cf-119ec3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f333aa8e5928d-FRA
GET H2	200	en.json Show response cdn.cookielaw.org/consent/2653cf4b-5c84-40d7-a99b-fa6e1592503b/32565fb0-44fb-4700-ac02-0ef874248423/	159 KB 30 KB	14ms 14ms	Fetch application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/2653cf4b-5c84-40d7-a99b-fa6e1592503b/32565fb0-44fb-4700-ac02-0ef874248423/en.json Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7583d94fc2f8ff09aba37de359d10dd090ba8fd02fa51937d7020bf513468b66 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 3CNT9LgbiPKbZtQei25Rgg== age 2 vary Accept-Encoding content-length 30416 x-ms-lease-status unlocked last-modified Wed, 19 Jan 2022 00:40:02 GMT server cloudflare etag 0x8D9DAE43AE47B63 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id f6bdae9d-e01e-00d4-70d1-5791c6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f333ade719b2d-FRA expires Mon, 01 Aug 2022 18:17:55 GMT
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/	46 KB 12 KB	17ms 16ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/v2/otPcTab.json Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f766c61297183207dea435ddd5ce006c7230aa27c834bb1bc4dbe01b83d97d69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 x/n5vYdkes7sKCqU8TquDQ== age 2 vary Accept-Encoding content-length 11861 x-ms-lease-status unlocked last-modified Thu, 30 Sep 2021 02:38:30 GMT server cloudflare etag 0x8D983BB63F26533 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 7ea07924-501e-0001-20d1-57d91b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 733f333afeb29b2d-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/6.24.0/assets/	20 KB 4 KB	15ms 15ms	Fetch text/css	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Ye6OeZcNyuFoWog7CYs00A== age 2 vary Accept-Encoding x-ms-lease-status unlocked last-modified Thu, 30 Sep 2021 02:38:45 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id 0390816c-301e-0077-12d1-575da7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 733f333afeb49b2d-FRA
GET H3	200	8021.704b891a.chunk.js Show response sameday.costco.com/js/	277 KB 98 KB	27ms 26ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/js/8021.704b891a.chunk.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d14c50a680122a769165a48c271d0a08bc4bc68ca263b9726894d669f9b23fa Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 185534 cf-polished origSize=283720 x-dns-prefetch-control off x-envoy-upstream-service-time 0 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-17376" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f333ca8a19055-FRA expires Sun, 30 Jul 2023 10:45:41 GMT
GET H3	200	2559.84433088.chunk.css sameday.costco.com/	3 KB 1 KB	24ms 23ms	Stylesheet text/css	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/2559.84433088.chunk.css Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 381d582701b3a35177c9a88c104f5737a599c2c6eca4fe065b0eac5ba2523d6a Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 185534 x-dns-prefetch-control off x-envoy-upstream-service-time 1 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-c17" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f333ca8a39055-FRA expires Sun, 30 Jul 2023 10:45:41 GMT
GET H3	200	2559.003cdd23.chunk.js Show response sameday.costco.com/js/	2 MB 447 KB	25ms 25ms	Script application/javascript	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/js/2559.003cdd23.chunk.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/runtime.ddc01349.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38789380066f5ce2030cfbffdb3796d2e8d083ea683fa1b1f0fa1e0d6f32e18a Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/account/order/ic/08018152283859430722 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 323450 x-dns-prefetch-control off x-envoy-upstream-service-time 0 cf-bgj minify content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag W/"62e2a220-6b4c7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript vary Accept-Encoding cache-control max-age=31536000,public content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com cf-ray 733f333ca8a49055-FRA expires Fri, 28 Jul 2023 20:27:05 GMT
GET H2	200	/ Show response js.stripe.com/v3/	315 KB 77 KB	14ms 14ms	Script text/javascript	99.86.4.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: sameday.costco.com URL: https://sameday.costco.com/js/2559.003cdd23.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-76.fra6.r.cloudfront.net Software Cloudfront / Resource Hash d0a58cef2353163fc5f4c8b3ef68b7c28e99150cd98b0a793c43108a2434ba00 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 18 x-cache Hit from cloudfront date Mon, 01 Aug 2022 14:17:44 GMT via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) last-modified Fri, 29 Jul 2022 22:02:47 GMT server Cloudfront etag W/"07a669093ca7a9afa58da1b05dce764d" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 x-amz-cf-pop FRA6-C1 timing-allow-origin * x-amz-cf-id qUfWr6l1-6wum7Bz7Y7tXywpjR6BfvD-UmfNxwDvlkyNi_OGQiG6nA==
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/	95 KB 26 KB	10ms 9ms	Script text/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/analytics.min.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 44b4414d873319e55dfa65cfd0aef93680a91063e493dafc15ff0e9be43c8782 Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-version-id uh5HeSkTzJXHAbKrXzJQQsNFW4WMkxRa content-encoding br etag W/"621da30f8025d10366d5e197f0de0e51" age 93 x-cache Hit from cloudfront access-control-max-age 3000 x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Thu, 07 Jul 2022 00:32:38 GMT server AmazonS3 date Mon, 01 Aug 2022 14:16:24 GMT vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) cache-control public, max-age=120 x-amz-cf-pop FRA6-C1 x-amz-cf-id fVofReN13PY55IBPOBaj1iCza6GSHd7FLVKp1linMBq0yNstPpXbzw==
POST H3	201	user_sessions Show response sameday.costco.com/api/v2/	308 B 1 KB	182ms 182ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/user_sessions Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c44307e3646f870b6b8c938badc95f502063e7cb18d8a8d5f46a8c13896a640 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjpudWxsLCJUcmlhbFVzZXIiOnRydWV9 Response headers date Mon, 01 Aug 2022 14:17:56 GMT via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 36 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin https://sameday.costco.com vary Cookie, Accept-Encoding cache-control no-store access-control-allow-credentials true content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id afc49923-fd47-92e8-9134-5e4dfdbdda67 cf-ray 733f333d9d1b9bb2-FRA access-control-expose-headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,User-Context,X-Unata-Dev-Auth,X-Unata-Request-Source,Vary,Pragma,x-request-id,X-Unata-Mode,x-story-book-proxy,X-Maintenance-Mode,X-Snr-Id,X-Unata-Page-Attribution-Route,X-Unata-Page-View-Id,X-Connect-Auth,X-Event-Destination
GET H2	200	settings Show response cdn.segment.com/v1/projects/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/	600 B 1 KB	8ms 7ms	XHR application/json	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/settings Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash d11432b12d7bdb9588971a3919a71191e8fd76e17775429e3f8b6c66dd7ef558 Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-version-id TYxSLSxVk5a9SR3ma8owYuTx19vIythY via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) etag "91311441a89aa70ebd73576140ad1fad" age 10579 x-cache Hit from cloudfront access-control-max-age 3000 x-amz-replication-status COMPLETED content-length 600 last-modified Mon, 09 May 2022 22:54:08 GMT server AmazonS3 date Mon, 01 Aug 2022 11:29:44 GMT vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 x-amz-cf-pop FRA6-C1 accept-ranges bytes x-amz-cf-id PYx_RG5CntK_vdgurm-KC4lRSdGjri0FUnM1ZHru3BExlpXgBe_4YQ==
GET H2	200	m-outer-e38946e804432be68f641f02ebc1364f.html Show response js.stripe.com/v3/ Frame 72C7	240 B 1 KB	9ms 9ms	Document text/html	99.86.4.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-76.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 9fc1fbb9b073659cb057d6241dac61a3e407df07ecb3dbfabce79c9491203497 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://sameday.costco.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 747 cache-control max-age=31536000 content-length 240 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 01 Aug 2022 14:05:39 GMT etag "e38946e804432be68f641f02ebc1364f" last-modified Fri, 29 Jul 2022 21:27:52 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-amz-cf-id q17uI3PzNxkzNEoSbvPvDWbEuE0k5NjKi6_TZ8g3ldOsbij8Z3yrjA== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	870.bundle.323974846b6d45afb45e.js Show response cdn.segment.com/analytics-next/bundles/	17 KB 5 KB	8ms 8ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 30 Jun 2022 04:14:53 GMT content-encoding br vary Accept-Encoding age 2800984 x-cache Hit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Thu, 30 Jun 2022 00:39:24 GMT server AmazonS3 etag W/"d471f2a8b801a51bbc09c91b3f90b749" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id eGdtYNgVU7C.sD0ud7vKl0kuuvXdbYqu via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) cache-control public,max-age=31536000,immutable x-amz-cf-pop FRA6-C1 content-type application/javascript x-amz-cf-id efXSfh12W-T7OaCiwM2kQnrNE6tPObDgzy05-GUPPvmhWPQgG77trg==
GET H2	200	ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response cdn.segment.com/analytics-next/bundles/	10 KB 4 KB	9ms 9ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6 Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 30 Jun 2022 04:14:53 GMT content-encoding br vary Accept-Encoding age 2800984 x-cache Hit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Thu, 30 Jun 2022 00:39:24 GMT server AmazonS3 etag W/"e0f89f667fb8d2b50aa8e29a86a4c9b1" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id rRSPxUD4JSPvaFMNmUXrTxb4ziC5WpWM via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) cache-control public,max-age=31536000,immutable x-amz-cf-pop FRA6-C1 content-type application/javascript x-amz-cf-id 2jCcpmzXMIsRy2XL3O1utNiYzFyGI4m5UiCB_3FBW0X2NAblBTD97g==
POST H2	200	csp-report q.stripe.com/ Frame 72C7	0 571 B	204ms 201ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 01 Aug 2022 14:17:56 GMT x-content-type-options nosniff x-envoy-upstream-service-time 30 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 72C7	0 571 B	187ms 186ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 01 Aug 2022 14:17:56 GMT x-content-type-options nosniff x-envoy-upstream-service-time 15 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	m-outer-613f8ee1abc1602a543fee9327eab032.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 72C7	526 B 1021 B	8ms 8ms	Script text/javascript	99.86.4.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-613f8ee1abc1602a543fee9327eab032.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-76.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-content-type-options nosniff age 22 x-cache Hit from cloudfront date Mon, 01 Aug 2022 14:17:38 GMT content-length 526 last-modified Fri, 29 Jul 2022 21:27:51 GMT server Cloudfront etag "d96c709017743c0759cf3853d1806ba5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 x-amz-cf-pop FRA6-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id ulp05JDU60dpnVCmuRHLwy0BDKir64fKX8qp7oGJ0vgdIPgqXaoSMg==
GET H2	200	schemaFilter.bundle.debb169c1abb431faaa6.js Show response cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	7ms 7ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/cJVGgs2zM2L9DCzxcMg3PI7NH5BnDZlw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42 Request headers accept-language de-DE,de;q=0.9 Referer https://sameday.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 30 Jun 2022 04:14:57 GMT content-encoding br vary Accept-Encoding age 2800980 x-cache Hit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Thu, 30 Jun 2022 00:39:24 GMT server AmazonS3 etag W/"3e448afdfea355c0f19700d04431ce7d" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id 2Zx1lLvKGQVUN0CW_0j0kkuvMQ5TNtLg via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) cache-control public,max-age=31536000,immutable x-amz-cf-pop FRA6-C1 content-type application/javascript x-amz-cf-id A3G2j7HjAb-LpyUPj5_0YeDifP1w8Vwpkr0g6vRmVfaZ44IuUdsi4g==
GET H2	200	inner.html Show response m.stripe.network/ Frame 95AA	930 B 2 KB	8ms 8ms	Document text/html	99.86.4.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-613f8ee1abc1602a543fee9327eab032.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-85.fra6.r.cloudfront.net Software Cloudfront / Resource Hash a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 5 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 01 Aug 2022 14:17:54 GMT etag "fc2e029628f163bb59adc6fa5a31161c" last-modified Thu, 17 Mar 2022 19:03:12 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) x-amz-cf-id omg8fiOwVj2mlD3k-ewn9ZjgbKrJwdYdbtcqzmfrPQHn77-SoAoT_A== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET DATA	200 OK	truncated /	5 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13526ae4e5a5d15aeec3e97577b2edc0bbd464f4f8ffade8fd439ffdd5aa3220 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	csp-report q.stripe.com/ Frame 95AA	0 344 B	174ms 174ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Mon, 01 Aug 2022 14:17:56 GMT referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload cache-control max-age=0, no-cache, no-store, must-revalidate x-envoy-upstream-service-time 3 x-robots-tag none content-length 0 x-content-type-options nosniff expires 0
GET H2	200	out-4.5.42.js Show response m.stripe.network/ Frame 95AA	86 KB 14 KB	9ms 8ms	Script text/javascript	99.86.4.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.42.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-85.fra6.r.cloudfront.net Software Cloudfront / Resource Hash f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff last-modified Thu, 17 Mar 2022 19:03:12 GMT server Cloudfront age 229 date Mon, 01 Aug 2022 14:14:10 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 via 1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront) cache-control max-age=300, public x-amz-cf-pop FRA6-C1 x-amz-cf-id -7sGD2JoqmAXa9addIjfmLgEsrk6_JrNPlrND1IzpvplS-GkXYM2Bw== etag W/"21df7244385e5c0bdf32da01d0dad6c0"
POST H2	200	6 Show response m.stripe.com/ Frame 95AA	156 B 523 B	186ms 186ms	XHR application/json	44.235.60.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.42.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.235.60.70 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-235-60-70.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 43a9ca0faab6300fce5119d81416fd11d962e773a4a44356ea893df2319137df Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 01 Aug 2022 14:17:56 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type application/json;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
GET H3	200	user Show response sameday.costco.com/api/v2/	1 KB 1 KB	217ms 216ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/user Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2c9e22a223daff090f8fff3489ea69497c82a315bb274beb82aadcb84bce117 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjpudWxsLCJUcmlhbFVzZXIiOnRydWV9 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 68 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:56 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 20f9233a-68be-9552-a724-8c584a74e341 cf-ray 733f333ecfac9bb2-FRA
GET DATA	200 OK	truncated /	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e2fbdfdead3a5aa58de4052fbb832ff266e4d08b30e43acc82d5fb177cf0b918 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	icons.42609971.woff2 sameday.costco.com/fonts/	17 KB 18 KB	24ms 24ms	Font application/octet-stream	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/fonts/icons.42609971.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0223c2ce157547d6d28f8aeaa116350f46d98dbfb17a1b7c0acc60faade584aa Security Headers Name Value Content-Security-Policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://sameday.costco.com/account/order/ic/08018152283859430722 Origin https://sameday.costco.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:56 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT age 2 x-dns-prefetch-control off x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17804 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin expires Tue, 01 Aug 2023 14:17:54 GMT last-modified Thu, 28 Jul 2022 14:50:08 GMT server cloudflare x-frame-options sameorigin etag "62e2a220-458c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/octet-stream access-control-allow-origin https://sameday.costco.com vary Accept-Encoding cache-control max-age=31536000,public access-control-allow-credentials true content-security-policy base-uri 'self'; manifest-src 'self'; object-src 'none'; frame-ancestors 'self' https://beta-sameday.costco.com https://sameday.costco.com accept-ranges bytes cf-ray 733f33405d419055-FRA access-control-expose-headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,User-Context,X-Unata-Dev-Auth,X-Unata-Request-Source,Vary,Pragma,x-request-id,X-Unata-Mode,x-story-book-proxy,X-Maintenance-Mode,X-Snr-Id,X-Unata-Page-Attribution-Route,X-Unata-Page-View-Id,X-Connect-Auth,X-Event-Destination
GET H3	200	profile Show response sameday.costco.com/api/v2/user/	2 KB 1 KB	217ms 217ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/user/profile Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91595301abe8a27c8d0cf181dfe7d58546d061fea5565bf24715d47e1da6a1cc Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 53 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:56 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 16c5af5d-19d5-90d8-a03a-452c0518fce7 cf-ray 733f33407ae79bb2-FRA
GET H3	200	cart sameday.costco.com/api/v2/	2 KB 918 B	463ms 463ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/cart Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 307 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:57 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 03be24c7-3cbc-9524-bdf3-39c6cf2e4ae4 cf-ray 733f33407ae89bb2-FRA
GET H3	200	free_delivery_header_banner Show response sameday.costco.com/api/v2/placements/	140 B 510 B	261ms 261ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/placements/free_delivery_header_banner Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0641802cae6c10aa9f9ed21d16cdc2967838b9d5b346705675839333fec38165 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 95 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:56 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 7deb0071-97fa-98e2-86d4-ffec6906f3d5 cf-ray 733f33407aea9bb2-FRA
GET H3	200	header_banner Show response sameday.costco.com/api/v2/placements/	98 B 496 B	217ms 217ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/placements/header_banner Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a64f3936cab1eaa7e4db93f55b6b8b9668abfda3d674d680b831c2cc32cd5b3 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 64 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:56 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 6901ec4d-c04d-9d2c-a1fa-447c251da599 cf-ray 733f33407aee9bb2-FRA
GET H3	200	loyalty_cards Show response sameday.costco.com/api/v2/	21 B 432 B	198ms 198ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/loyalty_cards Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbd52d4fae50b1024036b0879a903c2920e499dc956d4d11391ca07b4fd51bef Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers date Mon, 01 Aug 2022 14:17:56 GMT via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 21 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json vary Accept-Encoding content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 74bab411-01e3-9e75-8c0a-ee3662d9ea5e cf-ray 733f33407aef9bb2-FRA
GET H3	200	categories Show response sameday.costco.com/api/v2/	147 KB 22 KB	182ms 182ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/categories Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15fd3f6f95d6c02418741bf558771fa469f1b096f5fe95c9c68470fc9b04e528 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 20 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:56 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 17ed963b-e3cc-9d73-89a5-4d76a8dcd349 cf-ray 733f33407af09bb2-FRA
GET H3	200	frontend_configs Show response sameday.costco.com/api/v2/facts/	169 B 542 B	288ms 288ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/facts/frontend_configs Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c75d879373ff374d99006eb93ba0535258f7229e569dd7f6e1d6f228a54e8109 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 133 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 date Mon, 01 Aug 2022 14:17:56 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 76c52d75-4595-9ef7-86af-0b683452e1c9 cf-ray 733f33407af19bb2-FRA
GET H3	200	merchandised_landing_page Show response sameday.costco.com/api/v2/	13 B 425 B	195ms 195ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/merchandised_landing_page Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eeb85c2675888473ec64b7580aa0c76c6fd6b2bd51828870286ef202ad89dae2 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers date Mon, 01 Aug 2022 14:17:56 GMT via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 42 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json vary Accept-Encoding content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id 5ed75154-3a0a-9f1c-a537-68c09182f967 cf-ray 733f33407af29bb2-FRA
GET H2	200	Primary Request authorize Show response signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/ Redirect Chain https://www.costco.com/logon-instacart?redirect_uri=https://sameday.costco.com/social-redirect/costco_idp https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_u...	153 KB 52 KB	821ms 739ms	Document text/html	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Requested by Host: sameday.costco.com URL: https://sameday.costco.com/js/2559.003cdd23.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software / Resource Hash c369cd26daf8425ed7b08eadd7d73eabf4451c6bf774aa68f20d98f33309e4e4 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://sameday.costco.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://sameday.costco.com allow OPTIONS,TRACE,GET,HEAD,POST cache-control max-age=0, no-cache, no-store content-encoding gzip content-type text/html; charset=utf-8 date Mon, 01 Aug 2022 14:17:57 GMT expires Mon, 01 Aug 2022 14:17:57 GMT pragma no-cache public OPTIONS,TRACE,GET,HEAD,POST server-timing cdn-cache; desc=MISS edge; dur=523 origin; dur=152 strict-transport-security max-age=86400 ; includeSubDomains vary Accept-Encoding x-akamai-transformed 9 152866 0 pmb=mTOE,3mRUM,1 x-azure-ref 0leDnYgAAAAAVL/B4vRVJTILbhaw7ZrQuRlJBMzFFREdFMDMyMQAyZGY2NDk3My0yODU4LTQ1NjMtYjY2OS0wMTk2MGM4NGY5NDA= x-build 1.0.2674.0 x-content-type-options nosniff x-frame-options DENY x-ms-gateway-requestid 098c9819-9576-4abb-b27c-1ed05de42388 x-request-id f40e720b-2a07-4441-8d96-ccb8c0017c33 x-ua-compatible IE=edge x-xss-protection 1; mode=block Redirect headers access-control-allow-origin http://www.costco.com cache-control no-cache, must-revalidate, no-store content-language en-US content-length 0 content-type text/plain date Mon, 01 Aug 2022 14:17:57 GMT expires now link <https://cdn.cookielaw.org>;rel="preconnect" location https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post pragma no-cache server-timing cdn-cache; desc=MISS edge; dur=145 origin; dur=14 strict-transport-security max-age=31536000;includeSubDomains x-frame-options SAMEORIGIN x-powered-by Servlet/3.0
GET H3	200	context sameday.costco.com/api/v2/user/	2 B 413 B	193ms 193ms	Fetch application/json	2606:4700::6812:1111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sameday.costco.com/api/v2/user/context Requested by Host: sameday.costco.com URL: https://sameday.costco.com/app.609fc863.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-Unata-Mode grocery Authorization Bearer eyJhbGciOiJIUzI1NiJ9.eyJ1c2Vyc2Vzc2lvbl9pZCI6NzkxMzkyMTksInVzZXJfaWQiOjI0MDE2OTY1LCJhZG1pbnVzZXJfaWQiOm51bGwsImFub255bW91cyI6dHJ1ZSwiaWF0IjoxNjU5MzYzNDc0fQ.vB_1JsdKK8SOhz_i6lm9Wxk6eskQe6ytOz019w76OCw Referer https://sameday.costco.com/account/order/ic/08018152283859430722 accept-language de-DE,de;q=0.9 Content-Type application/json User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 User-Context eyJQbGF0Zm9ybSI6ImRlc2t0b3AiLCJTdG9yZUlkIjoiNTAxIiwiVHJpYWxVc2VyIjp0cnVlfQ== Response headers date Mon, 01 Aug 2022 14:17:57 GMT via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 49 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2 x-frame-options deny x-unata-tag 4.15.31 server cloudflare x-unata-version release-4.15.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json vary Accept-Encoding content-security-policy default-src 'none'; frame-ancestors 'none' x-event-id c2cd4e48-8600-9484-9f48-28e5ba33d54c cf-ray 733f33428ea99bb2-FRA
POST H2	200	t api.segment.io/v1/	21 B 175 B	525ms 172ms	Fetch application/json	34.212.152.186 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/t Requested by Host: sameday.costco.com URL: https://sameday.costco.com/1746.9c0d0a5a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.212.152.186 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-212-152-186.us-west-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://sameday.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://sameday.costco.com date Mon, 01 Aug 2022 14:17:57 GMT strict-transport-security max-age=31536000 content-length 21 vary Origin content-type application/json
GET H2	200	SignIn.html Show response signin-ui.costco.com/ecomssoui/500/	6 KB 3 KB	71ms 11ms	XHR text/html	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/SignIn.html?isTC=0 Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash b6b7f8ce5d5e6512dfa0fbab4396dd37d575630ba7d6e57fdbe5e581dc122250 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 2725 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:36 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A098014EA" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/html access-control-allow-origin https://signin.costco.com x-ms-request-id 2e6b9588-e01e-006d-26b3-865c19000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=41675 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes x-akamai-transformed 9 - 0 pmb=mRUM,1 expires Tue, 02 Aug 2022 01:52:33 GMT
GET H2	200	3X8EU-JU6BW-77GYX-SCH9D-RTCVS Show response s.go-mpulse.net/boomerang/ Frame 4874	202 KB 51 KB	37ms 9ms	Script application/javascript	2a02:26f0:6c00:2b9::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.go-mpulse.net/boomerang/3X8EU-JU6BW-77GYX-SCH9D-RTCVS Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54 Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:58 GMT content-encoding br last-modified Wed, 29 Jun 2022 01:15:23 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=604800 timing-allow-origin * content-length 51580
GET H2	200	4b3df594 Show response signin.costco.com/akam/13/	26 KB 9 KB	240ms 239ms	Script application/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin.costco.com/akam/13/4b3df594 Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software / Resource Hash 95396046e67ae1be416f3eebe94fec4551a7c8cc435c08652d20dec0e13aa274 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip last-modified Wed, 09 Feb 2022 15:07:01 GMT etag "119d28fe32ee8c052e7c8db96f6a11929540159ffbbbda786ad578c43ffbecf6" vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server-timing cdn-cache; desc=HIT, edge; dur=224 strict-transport-security max-age=86400 ; includeSubDomains content-length 8782 expires Mon, 01 Aug 2022 14:17:58 GMT
GET H2	200	wFicDAQE Show response signin.costco.com/bEbDjD/LgiCS/v1SLv/7w/f9YuSmVSOrED/WxUOJSAB/Ans/	84 KB 21 KB	18ms 18ms	Script application/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin.costco.com/bEbDjD/LgiCS/v1SLv/7w/f9YuSmVSOrED/WxUOJSAB/Ans/wFicDAQE Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software / Resource Hash fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:57 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 19:29:24 GMT etag "a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6" vary Accept-Encoding content-type application/javascript cache-control max-age=21600 access-control-allow-credentials true server-timing cdn-cache; desc=HIT, edge; dur=1 strict-transport-security max-age=86400 ; includeSubDomains content-length 20456 expires Mon, 22 Aug 2022 21:15:49 GMT
POST H2	201	wFicDAQE Show response signin.costco.com/bEbDjD/LgiCS/v1SLv/7w/f9YuSmVSOrED/WxUOJSAB/Ans/	18 B 797 B	388ms 387ms	XHR application/json	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin.costco.com/bEbDjD/LgiCS/v1SLv/7w/f9YuSmVSOrED/WxUOJSAB/Ans/wFicDAQE Requested by Host: signin.costco.com URL: https://signin.costco.com/bEbDjD/LgiCS/v1SLv/7w/f9YuSmVSOrED/WxUOJSAB/Ans/wFicDAQE Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software / Resource Hash bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Referer https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 01 Aug 2022 14:17:58 GMT vary Origin strict-transport-security max-age=86400 ; includeSubDomains content-type application/json access-control-allow-origin https://signin.costco.com access-control-allow-credentials true, true x_req_id ab20c2fb-4394-4d71-872e-5f251bcd4b83 server-timing edge; dur=3, origin; dur=372, cdn-cache; desc=MISS access-control-allow-headers Content-Type content-length 18
GET H/1.1	200 OK	config.json Show response c.go-mpulse.net/api/ Frame 4874	3 KB 1 KB	53ms 25ms	XHR application/json	2a02:26f0:6c00:1bb::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.go-mpulse.net/api/config.json?key=3X8EU-JU6BW-77GYX-SCH9D-RTCVS&d=signin.costco.com&t=5531212&v=1.632.0&if=&sl=0&si=37hsfu5p4o2-rfxx1y&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=625862 Requested by Host: s.go-mpulse.net URL: https://s.go-mpulse.net/boomerang/3X8EU-JU6BW-77GYX-SCH9D-RTCVS Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 9b60250cd3fa2ee34e63f04bd5d3046b4ddc6705fb37da4c115434d81678c9ef Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Mon, 01 Aug 2022 14:17:58 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/json Access-Control-Allow-Origin * Cache-Control private, max-age=300, stale-while-revalidate=60, stale-if-error=120 Connection keep-alive Timing-Allow-Origin * Content-Length 779
GET H2	200	material-components-web.min.js Show response signin-ui.costco.com/ecomssoui/500/common/	290 KB 51 KB	9ms 9ms	XHR text/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/material-components-web.min.js Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 2c6e37eb7ce00865d38bb52c032ad7d66a7f18f7d1c736ee4bff85d8d9836866 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Accept text/plain, */*; q=0.01 Referer https://signin.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 rPfPFpJDsZdmQyX6AIYj5A== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 51207 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A0899CE95" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/javascript access-control-allow-origin https://signin.costco.com x-ms-request-id 533fe2bb-501e-0047-17b3-868309000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=46147 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:07:05 GMT
GET H2	200	bootstrap-show-password.min.js Show response signin-ui.costco.com/ecomssoui/500/common/	17 KB 8 KB	11ms 11ms	XHR text/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/bootstrap-show-password.min.js Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash f42d94f3a92f88db2ff3ff3922106e4d30b659e9ff16a50a9d25c7560aab6f1c Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Accept text/plain, */*; q=0.01 Referer https://signin.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 ZkBA2wfXEapJDcr8WHS5Qw== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 7054 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:31 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A069CC344" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/javascript access-control-allow-origin https://signin.costco.com x-ms-request-id 2e6b9693-e01e-006d-1bb3-865c19000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=48197 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:41:15 GMT
GET H2	200	common.js Show response signin-ui.costco.com/ecomssoui/500/common/	3 KB 2 KB	17ms 17ms	XHR text/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/common.js Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 13bb1e14b4423b8ce9faf56d561b52f9e74e2e7de84206e633f096289f7b22fa Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Accept text/plain, */*; q=0.01 Referer https://signin.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 8+ZZShilnI7Xraizmxoyfg== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1365 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:32 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A06D68F68" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/javascript access-control-allow-origin https://signin.costco.com x-ms-request-id 2e6b9643-e01e-006d-52b3-865c19000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=46147 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:07:05 GMT
GET H2	200	material-components-web.min.css signin-ui.costco.com/ecomssoui/500/common/	285 KB 28 KB	10ms 9ms	Stylesheet text/css	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/material-components-web.min.css Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 07dae7e26c8bfb4c2a2859f99f58d5c216637b70f5e6359641dd087ae9125527 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Referer https://signin.costco.com/ Origin https://signin.costco.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 NFD3sU3lhPeUV1mynI+rpQ== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 27969 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A088C8A21" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/css access-control-allow-origin https://signin.costco.com x-ms-request-id 2e6b9ad3-e01e-006d-02b3-865c19000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=48041 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:38:39 GMT
GET H2	200	bootstrap.min.css signin-ui.costco.com/ecomssoui/500/common/	150 KB 23 KB	12ms 12ms	Stylesheet text/css	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/bootstrap.min.css Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash c1b947122d05ae86afd974627f415444af4f1d76c84bdbf5f4d6dc26d79ddfa8 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Referer https://signin.costco.com/ Origin https://signin.costco.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 beyHOM/PxlheLRCjo3b5cA== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 22975 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:32 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A06CAAA52" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/css access-control-allow-origin https://signin.costco.com x-ms-request-id 533fea60-501e-0047-2bb3-868309000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=48098 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:39:36 GMT
GET H2	200	costcoStyle.css signin-ui.costco.com/ecomssoui/500/common/	20 KB 5 KB	16ms 15ms	Stylesheet text/css	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/costcoStyle.css Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 9da0ad2d7200cb712f14822e75a5399effcbfc36079d46e449aa65d097c78707 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Referer https://signin.costco.com/ Origin https://signin.costco.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 DTWVkmxYRLh6xpiRRkrNxw== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 4635 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:32 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A06E2266F" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/css access-control-allow-origin https://signin.costco.com x-ms-request-id 2f2f1f5a-b01e-003d-37b3-869e49000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=48182 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:41:00 GMT
GET H2	200	SignIn.js Show response signin-ui.costco.com/ecomssoui/500/js/	13 KB 4 KB	22ms 22ms	Script text/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/js/SignIn.js Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e54a0ab83f37e6bee066cbf9ecbcf2159bf9c91ec15aeae54de42e1495c0e0c5 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 m2Ww09WB+MavQ+Jw9Ie5Tw== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3561 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:36 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A092FDDE1" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/javascript x-ms-request-id 2b6fb57b-501e-0078-4bb4-864baa000000 cache-control max-age=50015 x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 04:11:33 GMT
GET H2	200	launch-1d91034cce77-staging.min.js Show response assets.adobedtm.com/db2abc551d12/b2288490dead/	111 KB 36 KB	57ms 8ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/db2abc551d12/b2288490dead/launch-1d91034cce77-staging.min.js Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash e1e4da9f3522408cd195171ad1c5bbbabfa8d5e72e4d9e8c0f01b3abc706af39 Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip last-modified Thu, 02 Jun 2022 04:07:40 GMT server AkamaiNetStorage etag "862fe39a69a44c1b6bf6cd297b0ca779:1654142860.056945" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://signin.costco.com cache-control max-age=0, no-cache, no-store accept-ranges bytes timing-allow-origin * content-length 36683 expires Mon, 01 Aug 2022 14:17:58 GMT
GET H2	200	costco.js Show response signin-ui.costco.com/ecomssoui/500/js/	948 B 958 B	27ms 27ms	Script text/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/js/costco.js Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 3116291344bf46634fc846164a470207a793950a40c29493f9e5a0535870efb4 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 AGvT3Wtlph/qZhxeNnrZhw== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 509 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A08DF58CB" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/javascript x-ms-request-id eea1380d-201e-0000-73b4-86e852000000 cache-control max-age=47757 x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:33:55 GMT
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	157 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
POST H2	200	perftrace Show response signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/client/	0 508 B	93ms 92ms	XHR text/plain	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/client/perftrace?tx=StateProperties=eyJUSUQiOiJmNDBlNzIwYi0yYTA3LTQ0NDEtOGQ5Ni1jY2I4YzAwMTdjMzMifQ&p=B2C_1A_SSO_WCS_signup_signin_500 Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post X-CSRF-TOKEN b3hPWVh2aDFBU3RQRFVOU1RLd3hrQzJ1SEw5aHZVdDU2NytoSERLNEZkck9NekdyWWhpN3ErYzhOeitndEgvc0piS2MvTldBeUh0bkVjTHZyMnJ4THc9PTsyMDIyLTA4LTAxVDE0OjE3OjU3LjgxNDUyOTZaO0Q5ajBCUzllMFZPbUd1bDRIaENBTUE9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjo0fQ== X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers pragma no-cache date Mon, 01 Aug 2022 14:17:58 GMT x-content-type-options nosniff x-frame-options DENY x-ms-gateway-requestid e0d05136-41a1-46e8-94c1-1ea20dca9d3f strict-transport-security max-age=86400 ; includeSubDomains public OPTIONS,TRACE,GET,HEAD,POST cache-control max-age=0, no-cache, no-store access-control-allow-credentials true x-azure-ref 0luDnYgAAAACQDMnarKSzQbT3YcJTgUt8RlJBMzFFREdFMDMyMQAyZGY2NDk3My0yODU4LTQ1NjMtYjY2OS0wMTk2MGM4NGY5NDA= server-timing cdn-cache; desc=MISS, edge; dur=18, origin; dur=59 allow OPTIONS,TRACE,GET,HEAD,POST content-length 0 x-xss-protection 1; mode=block expires Mon, 01 Aug 2022 14:17:58 GMT
GET H2	200	jquery-i18next.min.js Show response signin-ui.costco.com/ecomssoui/500/common/locales/	2 KB 1 KB	30ms 29ms	Script text/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/locales/jquery-i18next.min.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e37a6f5b4a9288dad70a0cabf87c08989b4042bc6ca7fa3b1fef3f6ab4cc509a Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 t5flEL7xL1H865aRl394/Q== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 855 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A087FE1D3" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/javascript x-ms-request-id 2f2f23d2-b01e-003d-3fb3-869e49000000 cache-control max-age=47874 x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:35:52 GMT
GET H2	200	config.json Show response signin-ui.costco.com/ecomssoui/500/	304 B 884 B	27ms 27ms	XHR application/json	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/config.json Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 3b0964000c542d54f2b724f6c40945283912934823a4a5be8b4ab7bf18a655fc Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://signin.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 v6pGnZgU3sD4u+L0F5p5/w== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 230 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A08B0878A" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type application/json access-control-allow-origin https://signin.costco.com x-ms-request-id 533ff15a-501e-0047-21b3-868309000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=48132 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:40:10 GMT
GET H2	200	environments.json Show response signin-ui.costco.com/ecomssoui/500/	1 KB 850 B	9ms 9ms	XHR application/json	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/environments.json Requested by Host: signin.costco.com URL: https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 5be3c7079b001543b4ccbf125bb9b085801fa023b6f63b341acd6f242888edc7 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://signin.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 RWzK1lnyjPvU6kVaaLwTwg== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 195 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A08C71973" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type application/json access-control-allow-origin https://signin.costco.com x-ms-request-id 2f2f21f8-b01e-003d-16b3-869e49000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=48060 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:38:58 GMT
GET H2	200	i18nextXHRBackend.min.js Show response signin-ui.costco.com/ecomssoui/500/common/locales/	3 KB 2 KB	14ms 13ms	Script text/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/locales/i18nextXHRBackend.min.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 7b2b75e6927306ad83c8fc2eeecbf1c29eeac167c74dba4fdbe479afa21fa532 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 itcteU353ALLwIEWgrtfCA== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1419 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:34 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A0873FCB2" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/javascript x-ms-request-id 2f2f2544-b01e-003d-0eb3-869e49000000 cache-control max-age=47876 x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:35:54 GMT
GET H/1.1	200 OK	id Show response dpm.demdex.net/	365 B 1 KB	134ms 34ms	XHR application/json	34.242.80.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=97B21CFE5329614E0A490D45%40AdobeOrg&d_nsid=0&ts=1659363478383 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/db2abc551d12/b2288490dead/launch-1d91034cce77-staging.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-80-80.eu-west-1.compute.amazonaws.com Software / Resource Hash 606ae207d09297ece2fe56cb0321b81807fea9ba41223b43d83063bf67164ce2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://signin.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-2-v037-094d84bab.edge-irl1.demdex.com 3 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID 7GoCHEOgQqY= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://signin.costco.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 309 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	33 KB 12 KB	25ms 24ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/db2abc551d12/b2288490dead/launch-1d91034cce77-staging.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://signin.costco.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12163 expires Mon, 01 Aug 2022 15:17:58 GMT
GET H2	200	AppMeasurement_Module_ActivityMap.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	3 KB 2 KB	30ms 29ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/db2abc551d12/b2288490dead/launch-1d91034cce77-staging.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575 Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "2d1382c349d480b6b41574ac0c1af066:1644856531.739514" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://signin.costco.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 1597 expires Mon, 01 Aug 2022 15:17:58 GMT
GET H2	200	i18next.min.js Show response signin-ui.costco.com/ecomssoui/500/common/locales/	36 KB 11 KB	11ms 10ms	Script text/javascript	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/locales/i18next.min.js Requested by Host: sameday.costco.com URL: https://sameday.costco.com/s/NmkyQjNNNnlw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 1cd80e154250063c1d3d66854163d4cab25ba4c5240817d42908912549a90390 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 kydK6KIY00edovMaS3vZeQ== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 10334 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:34 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A0868B3B4" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type text/javascript x-ms-request-id 2f2f26e7-b01e-003d-79b3-869e49000000 cache-control max-age=47725 x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:33:23 GMT
GET H2	200	en-US.json Show response signin-ui.costco.com/ecomssoui/500/common/locales/	15 KB 4 KB	10ms 10ms	XHR application/json	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/locales/en-US.json Requested by Host: signin-ui.costco.com URL: https://signin-ui.costco.com/ecomssoui/500/common/locales/i18nextXHRBackend.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 997c89e438da2d9a4914463b4499f8076c484b0b161a6573f5f64d1ecf4c97d5 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 f85jiIBpC5CcNWsucSA5Vw== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3378 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:34 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A0851D3BC" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type application/json access-control-allow-origin https://signin.costco.com x-ms-request-id 2f2f283e-b01e-003d-2ab3-869e49000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=20885 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Mon, 01 Aug 2022 20:06:03 GMT
GET H2	200	material-icons.woff2 signin-ui.costco.com/ecomssoui/500/common/Images/	97 KB 98 KB	10ms 10ms	Font application/octet-stream	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin-ui.costco.com/ecomssoui/500/common/Images/material-icons.woff2 Requested by Host: signin-ui.costco.com URL: https://signin-ui.costco.com/ecomssoui/500/common/costcoStyle.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 7ad86c4f2dcc7c2ee5bf7fe5b3e29dc57368c7b2224e1674c90e6a095ea1eb19 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Referer https://signin-ui.costco.com/ecomssoui/500/common/costcoStyle.css Origin https://signin.costco.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-md5 eg2whCOKgnPErFQY39oXZQ== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 98996 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:34 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A08179282" strict-transport-security max-age=86400 ; includeSubDomains content-type application/octet-stream access-control-allow-origin https://signin.costco.com x-ms-request-id 4f14e2f0-f01e-002c-37c0-8604fd000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=49468 access-control-allow-credentials true x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 04:02:26 GMT
GET H2	200	costco-icon.png signin-ui.costco.com/ecomssoui/500/common/Images/	409 B 835 B	10ms 10ms	Image image/png	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://signin-ui.costco.com/ecomssoui/500/common/Images/costco-icon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 225991516ed0678f017896f1f87734b9ae4b2e029819054d9d2a7b2c31b8cf57 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-md5 RQaSrpLUNiZx6sTRjbL0Lw== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 409 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:32 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A071DEE1A" strict-transport-security max-age=86400 ; includeSubDomains content-type image/png x-ms-request-id 533ff9d2-501e-0047-2ab3-868309000000 cache-control max-age=47786 x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 03:34:24 GMT
GET H2	200	logo-bc-us.svg signin-ui.costco.com/ecomssoui/500/common/Images/	7 KB 3 KB	11ms 11ms	Image image/svg+xml	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://signin-ui.costco.com/ecomssoui/500/common/Images/logo-bc-us.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash a613b97f75aff49bc9f78aaf00ac671f7fe86eb7bc2fe5bfa61c04b1fed6ef64 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 01 Aug 2022 14:17:58 GMT content-encoding gzip content-md5 TMTD2PXgy+1g1d9DO047Tg== server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3088 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 13 Jun 2022 20:19:33 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8DA4D7A07DD783F" vary Accept-Encoding strict-transport-security max-age=86400 ; includeSubDomains content-type image/svg+xml x-ms-request-id 2f2f298e-b01e-003d-4ab3-869e49000000 cache-control max-age=51242 x-ms-version 2014-02-14 accept-ranges bytes expires Tue, 02 Aug 2022 04:32:00 GMT
POST H2	204	/ 684dd32f.akstat.io/	0 203 B	38ms 37ms	Ping image/gif	2a02:26f0:6c00:2b9::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://684dd32f.akstat.io/ Requested by Host: s.go-mpulse.net URL: https://s.go-mpulse.net/boomerang/3X8EU-JU6BW-77GYX-SCH9D-RTCVS Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://signin.costco.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 01 Aug 2022 14:17:58 GMT content-type image/gif access-control-allow-origin https://signin.costco.com cache-control max-age=0, no-cache, no-store access-control-allow-credentials true timing-allow-origin * x-xss-protection 0 expires Mon, 01 Aug 2022 14:17:58 GMT
GET H/1.1	200 OK	dest5.html Show response costco.demdex.net/ Frame 0ADF	7 KB 3 KB	143ms 31ms	Document text/html	52.208.83.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://costco.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/db2abc551d12/b2288490dead/launch-1d91034cce77-staging.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.83.22 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-83-22.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://signin.costco.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 2791 Content-Type text/html;charset=UTF-8 DCS dcs-prod-irl1-2-v037-0cca2ae68.edge-irl1.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID ssHLr9VdQ3M= content-encoding gzip date Mon, 1 Aug 2022 14:17:58 GMT last-modified Thu, 21 Jul 2022 19:44:53 GMT vary accept-encoding
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=YufglgAAAGA9-AN- dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=37735878669385250010515610872530683861 https://dpm.demdex.net/ibs:dpid=411&dpuuid=YufglgAAAGA9-AN-	42 B 942 B	39ms 39ms	Image image/gif	34.242.80.80 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=YufglgAAAGA9-AN- Protocol HTTP/1.1 Server 34.242.80.80 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-242-80-80.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v037-0bc4b5939.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID wn9hygxfR88= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=YufglgAAAGA9-AN- Date Mon, 01 Aug 2022 14:17:58 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	s41661736486435 smetrics.costco.com/b/ss/cwcostcocomprod,cwcssoprod/1/JS-2.22.4-LCS4/	43 B 423 B	70ms 19ms	Image image/gif	13.36.218.177 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://smetrics.costco.com/b/ss/cwcostcocomprod,cwcssoprod/1/JS-2.22.4-LCS4/s41661736486435?AQB=1&ndh=1&pf=1&t=1%2F7%2F2022%2014%3A17%3A58%201%200&mid=41969635879245770650668563908761700789&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fsignin.costco.com%2Fe0714dd4-784d-46d6-a278-3e29553483eb%2FB2C_1A_SSO_WCS_signup_signin_500%2Foauth2%2Fv2.0%2Fauthorize%3FClientName%3DUSBC%26ui_locales%3Den-US%26scope%3Dopenid%26response_type%3Did_token%26redirect_uri%3Dhttps%253A%252F%252Fwww.costco.com%252FOAuthLogonCmd%26state%3Dacti&r=https%3A%2F%2Fsameday.costco.com%2F&cc=USD&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=Sign%20In&v2=Sign%20In&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=on%253Dinstacart%2526redirect_uri%253Dhttps%253A%252F%252Fsameday.costco.com%252Fsocial-redirect%252Fcostco_idp%2526DM_PersistentCookieCreated%253Dtrue%2526URL%253D%255BSSO%255Dhttps%253A%252F%252Fsameday.costco.com%252F%255BSSO%255D%26nonce%3DLR3hKgqo6rSxcsJA%26client_id%3D4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf%26TC%3D0%26response_mode%3Dform_post&mcorgid=97B21CFE5329614E0A490D45%40AdobeOrg&AQE=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-36-218-177.eu-west-3.compute.amazonaws.com Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://signin.costco.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 01 Aug 2022 14:17:58 GMT x-content-type-options nosniff x-c main-1661.I2f39db.M0-585 p3p CP="This is not a P3P policy" vary * content-length 43 x-xss-protection 1; mode=block pragma no-cache last-modified Tue, 02 Aug 2022 14:17:58 GMT server jag xserver anedge-69c8d8cc76-655hq etag 3563455935894519808-4619791239788421242 strict-transport-security max-age=31536000; includeSubDomains content-type image/gif;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private expires Sun, 31 Jul 2022 14:17:58 GMT
POST H2	200	pixel_4b3df594 Show response signin.costco.com/akam/13/	0 688 B	29ms 28ms	XHR text/html	23.36.163.240 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://signin.costco.com/akam/13/pixel_4b3df594 Requested by Host: signin.costco.com URL: https://signin.costco.com/akam/13/4b3df594 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.240 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-240.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers Referer https://signin.costco.com/e0714dd4-784d-46d6-a278-3e29553483eb/B2C_1A_SSO_WCS_signup_signin_500/oauth2/v2.0/authorize?ClientName=USBC&ui_locales=en-US&scope=openid&response_type=id_token&redirect_uri=https%3A%2F%2Fwww.costco.com%2FOAuthLogonCmd&state=action%3Dinstacart%26redirect_uri%3Dhttps%3A%2F%2Fsameday.costco.com%2Fsocial-redirect%2Fcostco_idp%26DM_PersistentCookieCreated%3Dtrue%26URL%3D%5BSSO%5Dhttps%3A%2F%2Fsameday.costco.com%2F%5BSSO%5D&nonce=LR3hKgqo6rSxcsJA&client_id=4900eb1f-0c10-4bd9-99c3-c59e6c1ecebf&TC=0&response_mode=form_post accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 01 Aug 2022 14:17:58 GMT strict-transport-security max-age=86400 ; includeSubDomains content-type text/html cache-control max-age=0, no-cache, no-store access-control-allow-credentials true server-timing cdn-cache; desc=HIT, edge; dur=12 content-length 0 expires Mon, 01 Aug 2022 14:17:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

m.stripe.com

URL

https://m.stripe.com/6

Domain

sameday.costco.com

URL

https://sameday.costco.com/api/v2/user/profile

Domain

sameday.costco.com

URL

https://sameday.costco.com/api/v2/cart

Domain

sameday.costco.com

URL

https://sameday.costco.com/api/v2/placements/free_delivery_header_banner

Domain

sameday.costco.com

URL

https://sameday.costco.com/api/v2/placements/header_banner

Domain

sameday.costco.com

URL

https://sameday.costco.com/api/v2/loyalty_cards

Domain

sameday.costco.com

URL

https://sameday.costco.com/api/v2/categories

Domain

sameday.costco.com

URL

https://sameday.costco.com/api/v2/facts/frontend_configs

Domain

sameday.costco.com

URL

https://sameday.costco.com/api/v2/merchandised_landing_page

Domain

rum.browser-intake-datadoghq.com

URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.2.0%2Cenv%3Aprod%2Cservice%3Aprod-cus-platform-master.web%2Cversion%3Adev&dd-api-key=pubc3a17870d897b5dd89eb2762efce143a&dd-evp-origin-version=4.2.0&dd-evp-origin=browser&dd-request-id=ff39a49f-7388-4c8e-90b0-3908a2419ff5&batch_time=1659363475201

Domain

o502263.ingest.sentry.io

URL

https://o502263.ingest.sentry.io/api/66740/envelope/?sentry_key=3b3e513109284a97bcc8dd5a3492681a&sentry_version=7

Domain

o502263.ingest.sentry.io

URL

https://o502263.ingest.sentry.io/api/66740/store/?sentry_key=3b3e513109284a97bcc8dd5a3492681a&sentry_version=7