www.stevedaines.com Open in urlscan Pro
40.123.53.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rtxt.co/aj44
Effective URL:
https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20...
Submission: On September 29 via manual (September 29th 2020, 7:18:40 am UTC) from TW

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 18 domains to perform 54 HTTP transactions. The main IP is 40.123.53.189, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.stevedaines.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on July 3rd 2020. Valid for: 2 years.

This is the only time www.stevedaines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.210.16.198 54.210.16.198	14618 (AMAZON-AES) (AMAZON-AES)
17	40.123.53.189 40.123.53.189	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 3	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1	37.157.5.69 37.157.5.69	198622 (ADFORM) (ADFORM)
1	99.86.243.115 99.86.243.115	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
54	20

1 54.210.16.198 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-16-198.compute-1.amazonaws.com

rtxt.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 40.123.53.189 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: campsolazwww2.eastus2.cloudapp.azure.com

www.stevedaines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.69 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.115 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-115.vie50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	stevedaines.com www.stevedaines.com	137 KB
5	adform.net 2 redirects a2.adform.net s2.adform.net c1.adform.net	30 KB
4	facebook.com www.facebook.com	591 B
3	google.de www.google.de	1 KB
3	google.com www.google.com	1 KB
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	facebook.net connect.facebook.net	299 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	gstatic.com fonts.gstatic.com	40 KB
3	fontawesome.com use.fontawesome.com	164 KB
2	snapchat.com tr.snapchat.com
2	googletagmanager.com www.googletagmanager.com	69 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	sc-static.net sc-static.net	6 KB
1	youtube.com www.youtube.com
1	cloudflare.com cdnjs.cloudflare.com	8 KB
1	googleapis.com fonts.googleapis.com	770 B
1	rtxt.co 1 redirects rtxt.co	397 B
54	18

	Domain	Requested by
17	www.stevedaines.com	www.stevedaines.com
4	www.facebook.com	www.stevedaines.com connect.facebook.net
3	www.google.de	www.stevedaines.com
3	www.google.com	www.stevedaines.com
3	a2.adform.net	2 redirects www.stevedaines.com
3	connect.facebook.net	www.stevedaines.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.stevedaines.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	use.fontawesome.com	www.stevedaines.com use.fontawesome.com
2	tr.snapchat.com	www.stevedaines.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	www.stevedaines.com www.googletagmanager.com
1	c1.adform.net	a2.adform.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	sc-static.net	www.stevedaines.com
1	s2.adform.net	www.stevedaines.com
1	www.youtube.com	www.stevedaines.com
1	cdnjs.cloudflare.com	www.stevedaines.com
1	fonts.googleapis.com	www.stevedaines.com
1	rtxt.co	1 redirects
54	21

This site contains no links.

Subject Issuer	Validity	Valid
www.stevedaines.com GeoTrust RSA CA 2018	`2020-07-03` - `2022-10-02`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Frame ID: 23F3D23B1AD79450EDF1B3D074E213A7
Requests: 50 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SvZkUTLgiQM
Frame ID: 1D8CA6E55458249E8CDB3970AB064A4A
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=27e5d0ff-4736-4e69-a359-7135a70cf08c
Frame ID: 383CB2DD7AE5772C333053F11424BD04
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 76661A4DB0C4E3E8E81A437EAD5EC138
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=603671138444731444&agencyId=7372&advertiserId=2075674&src=tp&rnd=955329
Frame ID: 5B94532FE9CB2B85F7B452EF741A4539
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://rtxt.co/aj44 HTTP 302
https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_202... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^>]*wp-content\/plugins\/gravityforms\/css\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^>]*wp-content\/plugins\/gravityforms\/css\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^>]*wp-content\/plugins\/gravityforms\/css\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Gravity Forms (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href=(?:"|')[^>]*wp-content\/plugins\/gravityforms\/css\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

54
Requests

100 %
HTTPS

57 %
IPv6

18
Domains

21
Subdomains

20
IPs

5
Countries

789 kB
Transfer

2325 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rtxt.co/aj44 HTTP 302
https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 45

https://a2.adform.net/Serving/TrackPoint/?pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=164396126083&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_ HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=164396126083&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.stevedaines.com/hanoi-jane/
Redirect Chain

http://rtxt.co/aj44
https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

19 KB
6 KB

409ms
196ms

Document
text/html

40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: f06503ec63ec3b3605182dc1ddee230db82b177cf2f6ad0dc61c2e2ab3eebf02

Request headers

Host: www.stevedaines.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Server: Apache
Link: <https://www.stevedaines.com/wp-json/>; rel="https://api.w.org/" <https://www.stevedaines.com/wp-json/wp/v2/pages/1250>; rel="alternate"; type="application/json" <https://www.stevedaines.com/?p=1250>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 29 Sep 2020 07:18:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 344
Connection: keep-alive
Server: Server/3.3.10
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
Location: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Vary: Accept

GET
H2 200 css
fonts.googleapis.com/ 6 KB
770 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f6d2c7b4ec7f3c58815166320d064dfcd0d3ce479a840e142798f02ec76cddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 07:07:48 GMT
server: ESF
date: Tue, 29 Sep 2020 07:18:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Sep 2020 07:18:19 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
13 KB 47ms
9ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

Origin: https://www.stevedaines.com
Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:19 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 17:44:03 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"b8085bf2c839791244bd95f56fb93c01"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK style.min.css
www.stevedaines.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 302ms
105ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Sep 2020 06:52:15 GMT
Server: Apache
ETag: "d293-5ae4f1373f080-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 7907

GET
H/1.1 200
OK bootstrap.min.css
www.stevedaines.com/wp-content/themes/stevedaines/css/ 120 KB
20 KB 308ms
110ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/css/bootstrap.min.css?ver=5.5.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 416dfabb1ba6878336a0cc23a509cc20cd2203ba0c9e31de37bd64410d18cb8f

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 16:24:20 GMT
Server: Apache
ETag: "1dead-57d3a368b7aa3-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 19885

GET
H/1.1 200
OK main.css
www.stevedaines.com/wp-content/themes/stevedaines/css/ 28 KB
5 KB 301ms
103ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/css/main.css?ver=5.5.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 6f90e5c4a45eb18b666f7f408e630ca4fa04fcbab581c6ac7752735688958c85

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Dec 2018 22:45:12 GMT
Server: Apache
ETag: "7180-57d53a6750e00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 5105

GET
H/1.1 200
OK formreset.min.css
www.stevedaines.com/wp-content/plugins/gravityforms/css/ 4 KB
685 B 300ms
102ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/plugins/gravityforms/css/formreset.min.css?ver=2.4.20
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 17:21:35 GMT
Server: Apache
ETag: "f14-5ad2a1e7ae37b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 402

GET
H/1.1 200
OK formsmain.min.css
www.stevedaines.com/wp-content/plugins/gravityforms/css/ 73 KB
12 KB 305ms
106ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/plugins/gravityforms/css/formsmain.min.css?ver=2.4.20
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: b1aa06690d5ab9d485e6d507b1b692c9dcfd7dc1c3a2018631b07345df48b080

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 17:21:35 GMT
Server: Apache
ETag: "12305-5ad2a1e7b21fc-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 11788

GET
H/1.1 200
OK readyclass.min.css
www.stevedaines.com/wp-content/plugins/gravityforms/css/ 30 KB
4 KB 308ms
107ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/plugins/gravityforms/css/readyclass.min.css?ver=2.4.20
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 17:21:35 GMT
Server: Apache
ETag: "76e7-5ad2a1e7b7fbc-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3406

GET
H/1.1 200
OK browsers.min.css
www.stevedaines.com/wp-content/plugins/gravityforms/css/ 7 KB
1 KB 606ms
112ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/plugins/gravityforms/css/browsers.min.css?ver=2.4.20
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 17:21:35 GMT
Server: Apache
ETag: "1d79-5ad2a1e7cb83c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 1227

GET
H/1.1 200
OK gf-ems-conv.js Show response
www.stevedaines.com/wp-content/plugins/gf-bh-connection/js/ 710 B
657 B 606ms
110ms Script
application/x-javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/plugins/gf-bh-connection/js/gf-ems-conv.js?ver=5.5.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 12d194e5b8906b28d6d121cb6ffa7591a918e88a053cbd67c3cd30aacfdd3012

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Apr 2020 13:21:33 GMT
Server: Apache
ETag: "2c6-5a459b5dcdd2f-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 358

GET
H/1.1 200
OK jquery.js Show response
www.stevedaines.com/wp-includes/js/jquery/ 95 KB
33 KB 616ms
120ms Script
application/x-javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 May 2019 18:00:11 GMT
Server: Apache
ETag: "17a69-58991da70adfb-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 33776

GET
H/1.1 200
OK bootstrap.min.js Show response
www.stevedaines.com/wp-content/themes/stevedaines/js/ 36 KB
10 KB 614ms
117ms Script
application/x-javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/js/bootstrap.min.js?ver=5.5.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 2ad0bcdeda45c15262fe2f189dfdf10dddb770e10a0a882dc8352c4f7ecede99

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 16:24:20 GMT
Server: Apache
ETag: "8fd1-57d3a36911825-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 9746

GET
H/1.1 200
OK script.js Show response
www.stevedaines.com/wp-content/themes/stevedaines/js/ 178 B
454 B 602ms
101ms Script
application/x-javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/js/script.js?ver=5.5.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: c256c15a40d6d397452697b45b47b8c157a89061c144587120476926d76dcbb5

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 16:24:20 GMT
Server: Apache
ETag: "b2-57d3a36920285-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 156

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ 23 KB
8 KB 67ms
30ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js?ver=1.16.0

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 1672602
cf-ray: 5da3edf1fdd9bee2-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 057a530b3d0000bee24887b200000001
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: W/"5eb03ec2-5a1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1601363899&lkg-ip=2a01:4f8:121:131a::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Sun, 19 Sep 2021 07:18:19 GMT

GET
H/1.1 200
OK jquery.watermark.min.js Show response
www.stevedaines.com/wp-content/themes/stevedaines/js/libs/ 5 KB
2 KB 699ms
106ms Script
application/x-javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/js/libs/jquery.watermark.min.js?ver=3.1.4
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 23c0fbb5b849bb313096aba07043a423ef00cb1c69dbd0cd3d020d77a257a780

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2016 12:40:49 GMT
Server: Apache
ETag: "1432-536e2c3339640-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1976

GET
H/1.1 200
OK common.js Show response
www.stevedaines.com/wp-content/themes/stevedaines/js/ 3 KB
1 KB 900ms
104ms Script
application/x-javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/js/common.js?ver=1.0.0
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 4f87d30460acafe9bf8d9b95cc2e77cea715c04251a2fb39a3012f83f04d14f3

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Dec 2018 19:40:20 GMT
Server: Apache
ETag: "ac6-57d5111529100-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1083

GET
H/1.1 200
OK wp-embed.min.js Show response
www.stevedaines.com/wp-includes/js/ 1 KB
1 KB 906ms
104ms Script
application/x-javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 17:20:37 GMT
Server: Apache
ETag: "59a-5ad2a1b07086a-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 769

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.stevedaines.com/wp-includes/js/ 14 KB
5 KB 302ms
106ms Script
application/x-javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Aug 2020 17:20:37 GMT
Server: Apache
ETag: "37a6-5ad2a1b0b3e8c-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 4671

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
33 KB 50ms
30ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCNRKPG

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d3c4a9f0b107bf9494870609bdc55081c66bd4cf16c97f56eef03bb53b266de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33767
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Sep 2020 07:18:19 GMT

GET
H/1.1 200
OK logo.png
www.stevedaines.com/wp-content/themes/stevedaines/images/ 27 KB
27 KB 297ms
100ms Image
image/png 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/images/logo.png
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/wp-content/themes/stevedaines/css/main.css?ver=5.5.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 6da4ddccfc9fa00e4889af706b779c214ed0d36c79cd88e2238334829762fe33

Request headers

Referer: https://www.stevedaines.com/wp-content/themes/stevedaines/css/main.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 07:18:20 GMT
Last-Modified: Mon, 17 Dec 2018 16:24:20 GMT
Server: Apache
ETag: "6b4d-57d3a368ec664"
Vary: Accept-Encoding
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 27469

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
4ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.stevedaines.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:26:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 564734
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:26:05 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.stevedaines.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:43 GMT
server: sffe
age: 564640
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13560
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:27:39 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.stevedaines.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:26:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 564696
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:26:43 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 77 KB
78 KB 9ms
8ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11

Request headers

Origin: https://www.stevedaines.com
Referer: https://use.fontawesome.com/releases/v5.6.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:19 GMT
last-modified: Wed, 12 Dec 2018 17:44:35 GMT
server: NetDNA-cache/2.2
status: 200
etag: "59ea9019c9b9bc4d83ab9783e830735c"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 79072

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 72 KB
73 KB 19ms
18ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c885e9f2017a2ed7075db9e876d40a04aa3208114443803bdb120a34afd3b1d6

Request headers

Origin: https://www.stevedaines.com
Referer: https://use.fontawesome.com/releases/v5.6.1/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:19 GMT
last-modified: Wed, 12 Dec 2018 17:44:19 GMT
server: NetDNA-cache/2.2
status: 200
etag: "f80b8a05dd76fdb40e630f1e90b1303d"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 73936

GET
H2 200 SvZkUTLgiQM
www.youtube.com/embed/ Frame 1D8C 0
0 100ms
78ms Document
text/html 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/SvZkUTLgiQM

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/SvZkUTLgiQM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Response headers

status: 200
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 10894
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 07:18:20 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=z_ybNAMyIuU; path=/; domain=.youtube.com; secure; expires=Sun, 28-Mar-2021 07:18:20 GMT; httponly; samesite=None YSC=ZSAYYUq_4NQ; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 29-Sep-2020 07:48:20 GMT VISITOR_INFO1_LIVE=z_ybNAMyIuU; path=/; domain=.youtube.com; secure; expires=Sun, 28-Mar-2021 07:18:20 GMT; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCNRKPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 160
date: Tue, 29 Sep 2020 07:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 29 Sep 2020 09:15:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: A9JR6jPwjTjA7v5VHa6rCSsUH4FZoBuFTson1olybyXqv7ZdPuZc0P7I41a/5PX0cZ03xy2EDXnJVvg1weKhng==
x-fb-trip-id: 2097730283
x-frame-options: DENY
date: Tue, 29 Sep 2020 07:18:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 61ms
48ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-657360053

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCNRKPG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7876c86ae440f39c4ae9b07c0723fb6bf560d0f5ad4d592101853a1082d235bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:20 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36412
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Sep 2020 07:18:20 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

96ms
32ms

Script
application/x-javascript

37.157.5.69
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.69 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 89334ba86873baccdb8c2b5ea18ed21cd75e480aae4d494bb276564f4879d488

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:20 GMT
content-encoding: gzip
last-modified: Thu, 27 Aug 2020 13:14:58 GMT
server: nginx
etag: W/"5f47b1d2-14076"
x-cache-status: HIT
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

status: 301
date: Tue, 29 Sep 2020 07:18:20 GMT
server: nginx
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
6 KB 129ms
64ms Script
application/javascript 99.86.243.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-115.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:20 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: VIE50-C1
status: 200
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5415
via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
x-amz-cf-id: CFGNtKrmoQeEE8T0uChGVx2B75E-jycXwEY1TsUaiR3zHKLN8E4RuA==

GET
H2 200 1735575306772755 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1735575306772755?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7840817c32ffe367a61278c0fa5dd5b94a10584655a51119946764a8bd6671d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: MASloEkOcnCmiftc3wU8FeAKRB2QEpU5lhnxvzqueqVJSVHbOT6S3XOHi2CnLsvUmdU3no7R7sV5sKycmVTjFQ==
x-fb-trip-id: 2097730283
x-frame-options: DENY
date: Tue, 29 Sep 2020 07:18:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
457 B 46ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-45510217-1&cid=699327671.1601363900&jid=971192982&gjid=1547149145&_gid=938365319.1601363900&_u=YGBAgEABAAAAAE~&z=1671125516

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Sep 2020 07:18:20 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.stevedaines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
392 B 27ms
14ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1225956526&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines&ul=en-us&de=UTF-8&dt=Steve%20Bullock%3A%20In%20With%20The%20Hollywood%20Crowd%20%E2%80%93%20Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=971192982&gjid=1547149145&cid=699327671.1601363900&tid=UA-45510217-1&_gid=938365319.1601363900&gtm=2wg9g1WCNRKPG&cd1=2020-09-29T09%3A18%3A20.38%2B02%3A00&z=1063761373

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 14:28:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60619
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 45ms
19ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-657360053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 07:18:20 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
513 B 40ms
17ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-45510217-1&cid=699327671.1601363900&jid=971192982&_u=YGBAgEABAAAAAE~&z=894204693

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
513 B 39ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-45510217-1&cid=699327671.1601363900&jid=971192982&_u=YGBAgEABAAAAAE~&z=894204693

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 643219762894676 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 91ms
91ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/643219762894676?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13b1ab46cda9ca03a16bc73b680f4aa574ad402da9baa5ee6fb2ceeda43c90a1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: LUE5rUdsqT6mxf+dVU7/r1pWJzcq+anBvVsQfuk8QU4ayp1MMDNi6MlOss+AGtSt2elBE98N5ufry/5g3g5KvQ==
x-fb-trip-id: 2097730283
x-frame-options: DENY
date: Tue, 29 Sep 2020 07:18:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
375 B 21ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1735575306772755&ev=PageView&dl=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines&rl=&if=false&ts=1601363900179&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1601363900176.1532590075&it=1601363900078&coo=false&rqm=GET

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 29 Sep 2020 07:18:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/657360053/ 3 KB
1 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/657360053/?random=1601363900194&cv=9&fst=1601363900194&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9g1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines&tiba=Steve%20Bullock%3A%20In%20With%20The%20Hollywood%20Crowd%20%E2%80%93%20Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bd2a8c996474f662539d12aca8e1aaeb9953531993fde1e183637c664cfcfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1158
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
tr.snapchat.com/cm/ Frame 383C 0
0 40ms
22ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=27e5d0ff-4736-4e69-a359-7135a70cf08c

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=27e5d0ff-4736-4e69-a359-7135a70cf08c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Response headers

status: 200
server: nginx/1.17.3
date: Tue, 29 Sep 2020 07:18:20 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p
tr.snapchat.com/ Frame 7666 0
0 34ms
27ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 348
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.stevedaines.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.stevedaines.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Response headers

status: 200
server: nginx/1.17.3
date: Tue, 29 Sep 2020 07:18:20 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIBuiUc5zxC463rXeKwrXay20opkmAccRlehxOdTvhySyg8QEhMj/WMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/657360053/ 42 B
538 B 42ms
26ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/657360053/?random=1601363900194&cv=9&fst=1601362800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9g1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines&tiba=Steve%20Bullock%3A%20In%20With%20The%20Hollywood%20Crowd%20%E2%80%93%20Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&async=1&fmt=3&is_vtc=1&random=2450022136&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/657360053/ 42 B
538 B 44ms
28ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/657360053/?random=1601363900194&cv=9&fst=1601362800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9g1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines&tiba=Steve%20Bullock%3A%20In%20With%20The%20Hollywood%20Crowd%20%E2%80%93%20Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&async=1&fmt=3&is_vtc=1&random=2450022136&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643219762894676&ev=PageView&dl=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines&rl=&if=false&ts=1601363900302&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1601363900176.1532590075&it=1601363900078&coo=false&rqm=GET

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 07:18:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 29 Sep 2020 07:18:20 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=164396126083&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2F...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=164396126083&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.c...

713 B
1 KB

97ms
96ms

Script
text/javascript

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=164396126083&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

440492c6d6c99815b4ce81324df2aaa0afe5b6e19f632a0d7ae2cf1741134d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:20 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 596
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:20 GMT
server: nginx
status: 302
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=164396126083&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 pixels
c1.adform.net/imatch/ Frame 5B94 0
0 95ms
30ms Document
text/html 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=603671138444731444&agencyId=7372&advertiserId=2075674&src=tp&rnd=955329

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=164396126083&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /imatch/pixels?uid=603671138444731444&agencyId=7372&advertiserId=2075674&src=tp&rnd=955329
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=603671138444731444; CM=1|0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines

Response headers

status: 200
server: nginx
date: Tue, 29 Sep 2020 07:18:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: CM14=1601450300_1601363900_1_Hu7u7u4e4e7u7u4REREeEREREREeEQ; expires=Tue, 13 Oct 2020 07:18:20 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

POST
H2 200 /
www.facebook.com/tr/ 0
86 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJBbwOVEiqNgYqlR

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 29 Sep 2020 07:18:20 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.stevedaines.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryADKJJpMFJ7GOjkBv

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 29 Sep 2020 07:18:20 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.stevedaines.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 12ms
12ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1225956526&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.stevedaines.com%2Fhanoi-jane%2F%3Futm_source%3Dp2p%26utm_medium%3Dp2p%26utm_campaign%3Dpersuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines&ul=en-us&de=UTF-8&dt=Steve%20Bullock%3A%20In%20With%20The%20Hollywood%20Crowd%20%E2%80%93%20Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20ID&ea=699327671.1601363900&el=%2Fhanoi-jane%2F&_u=aHhACEABBAAAAG~&jid=223965960&gjid=966398545&cid=699327671.1601363900&tid=UA-45510217-1&_gid=302810115.1601363905&_r=1&gtm=2wg9g1WCNRKPG&cd2=699327671.1601363900&z=788803160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.stevedaines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
69 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-45510217-1&cid=699327671.1601363900&jid=223965960&gjid=966398545&_gid=302810115.1601363905&_u=aHhACEABBAAAAG~&z=1072194582

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 29 Sep 2020 07:18:24 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.stevedaines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 18ms
17ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-45510217-1&cid=699327671.1601363900&jid=223965960&_u=aHhACEABBAAAAG~&z=1759432413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 18ms
18ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-45510217-1&cid=699327671.1601363900&jid=223965960&_u=aHhACEABBAAAAG~&z=1759432413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/hanoi-jane/?utm_source=p2p&utm_medium=p2p&utm_campaign=persuasion_vets_1_20200909_p2p_p2p__no_20200909_mtsendaines
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 07:18:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.adform.net
c1.adform.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
rtxt.co
s2.adform.net
sc-static.net
stats.g.doubleclick.net
tr.snapchat.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.stevedaines.com
www.youtube.com
185.167.164.43
216.58.206.2
23.111.9.35
2606:4700::6811:4f6b
2a00:1450:4001:800::2003
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:818::200a
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:4001:825::200e
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.186.226.184
37.157.4.23
37.157.5.69
40.123.53.189
54.210.16.198
99.86.243.115
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d194e5b8906b28d6d121cb6ffa7591a918e88a053cbd67c3cd30aacfdd3012
13b1ab46cda9ca03a16bc73b680f4aa574ad402da9baa5ee6fb2ceeda43c90a1
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f6d2c7b4ec7f3c58815166320d064dfcd0d3ce479a840e142798f02ec76cddd
23c0fbb5b849bb313096aba07043a423ef00cb1c69dbd0cd3d020d77a257a780
2ad0bcdeda45c15262fe2f189dfdf10dddb770e10a0a882dc8352c4f7ecede99
416dfabb1ba6878336a0cc23a509cc20cd2203ba0c9e31de37bd64410d18cb8f
440492c6d6c99815b4ce81324df2aaa0afe5b6e19f632a0d7ae2cf1741134d5a
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
4bd2a8c996474f662539d12aca8e1aaeb9953531993fde1e183637c664cfcfa4
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4f87d30460acafe9bf8d9b95cc2e77cea715c04251a2fb39a3012f83f04d14f3
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6da4ddccfc9fa00e4889af706b779c214ed0d36c79cd88e2238334829762fe33
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f90e5c4a45eb18b666f7f408e630ca4fa04fcbab581c6ac7752735688958c85
7876c86ae440f39c4ae9b07c0723fb6bf560d0f5ad4d592101853a1082d235bc
7f9a44c6380de9dad00c68412b2420fc5132e4013bf2f62d9daee5da9d151674
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89334ba86873baccdb8c2b5ea18ed21cd75e480aae4d494bb276564f4879d488
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
9d3c4a9f0b107bf9494870609bdc55081c66bd4cf16c97f56eef03bb53b266de
b1aa06690d5ab9d485e6d507b1b692c9dcfd7dc1c3a2018631b07345df48b080
c256c15a40d6d397452697b45b47b8c157a89061c144587120476926d76dcbb5
c885e9f2017a2ed7075db9e876d40a04aa3208114443803bdb120a34afd3b1d6
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61ac08ccbbff6ae298e168c6d2fb069e5db7c122fe07f7e2e4ce1dbb01a58fb
e7840817c32ffe367a61278c0fa5dd5b94a10584655a51119946764a8bd6671d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06503ec63ec3b3605182dc1ddee230db82b177cf2f6ad0dc61c2e2ab3eebf02

www.stevedaines.com Open in urlscan Pro 40.123.53.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

57 %IPv6

18 Domains

21 Subdomains

20 IPs

5 Countries

789 kBTransfer

2325 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.stevedaines.com Open in urlscan Pro
40.123.53.189 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

57 %
IPv6

18
Domains

21
Subdomains

20
IPs

5
Countries

789 kB
Transfer

2325 kB
Size

0
Cookies

54 HTTP transactions
0 data transactions