urlscan.io logo urlscan.io
SecurityTrails logo

step.com Open in urlscan Pro
34.95.85.189  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://step.com/
Effective URL: https://step.com/
Submission: On April 27 via manual from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 42 HTTP transactions. The main IP is 34.95.85.189, located in United States and belongs to GOOGLE, US. The main domain is step.com.
TLS certificate: Issued by GTS CA 1D2 on April 15th 2020. Valid for: 3 months.
This is the only time step.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

22    34.95.85.189 (United States)

ASN15169 (GOOGLE, US)
PTR: 189.85.95.34.bc.googleusercontent.com
step.com
1    13.225.73.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-112.fra2.r.cloudfront.net
sc-static.net
1    2a02:26f0:6c00:19e::11bd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
linkmaker.itunes.apple.com
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
3    35.244.215.127 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 127.215.244.35.bc.googleusercontent.com
assets.step.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    143.204.99.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net
cdn.segment.com
1    2600:9000:20eb:de00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
2    35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
3    2600:9000:21f3:6600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
1    52.11.35.251 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-35-251.us-west-2.compute.amazonaws.com
api.segment.io
1    2600:1901:0:bc29:: (United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
3    107.178.240.159 (United States)

ASN15169 (GOOGLE, US)
PTR: 159.240.178.107.bc.googleusercontent.com
api-js.mixpanel.com
Domain Requested by
22 step.com 1 redirects step.com
3 api-js.mixpanel.com step.com
3 api2.branch.io step.com
3 connect.facebook.net step.com
connect.facebook.net
3 assets.step.com step.com
2 tr.snapchat.com sc-static.net
2 play.google.com 1 redirects step.com
1 cdn.mxpnl.com cdn.segment.com
1 api.segment.io step.com
1 app.link step.com
1 cdn.segment.com step.com
1 linkmaker.itunes.apple.com step.com
1 sc-static.net step.com
42 13
Subject Issuer Validity Valid
step.com
GTS CA 1D2		 2020-04-15 -
2020-07-14		 3 months crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA		 2019-03-11 -
2021-03-15		 2 years crt.sh
linkmaker.itunes.apple.com
DigiCert SHA2 Extended Validation Server CA		 2019-10-02 -
2020-10-01		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
assets.step.com
GTS CA 1D2		 2020-03-12 -
2020-06-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2019-06-24 -
2020-07-01		 a year crt.sh
appipv4.link
Amazon		 2019-08-19 -
2020-09-19		 a year crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA		 2019-02-19 -
2021-02-23		 2 years crt.sh
*.branch.io
DigiCert SHA2 Secure Server CA		 2018-12-05 -
2020-12-08		 2 years crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018		 2019-07-29 -
2021-07-28		 2 years crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://step.com/
Frame ID: ABACCAA064978A398BDD49EB72DA1179
Requests: 42 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=63ec22cd-50f4-470b-87f6-15ac4e31239c
Frame ID: 1B6CF26BE1F63FF4E829C0946462CFBA
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: AA49EB2859AC12D67A7A0EA2C8302DD8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://step.com/ HTTP 302
    https://step.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

42
Requests

100 %
HTTPS

46 %
IPv6

12
Domains

13
Subdomains

14
IPs

4
Countries

3707 kB
Transfer

4230 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://step.com/ HTTP 302
    https://step.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png HTTP 302
  • https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
step.com/
Redirect Chain
  • http://step.com/
  • https://step.com/
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
bc3e1b4aa16f0480831f3fbd50d77f470baa3cdfec56db7dc45daf45ec3be0cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
step.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
x-powered-by
Express
strict-transport-security
max-age=31536000
accept-ranges
bytes
cache-control
public, max-age=0
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
etag
W/"1207-171436454c8"
content-type
text/html; charset=UTF-8
content-length
4615
date
Mon, 27 Apr 2020 06:24:38 GMT
via
1.1 google
alt-svc
clear

Redirect headers

X-Powered-By
Express
Location
https://step.com/
Vary
Accept
Content-Type
text/html; charset=utf-8
Content-Length
78
Date
Mon, 27 Apr 2020 06:24:38 GMT
Via
1.1 google
index.css
step.com/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://step.com/index.css
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
4a627b7c18ec7930001ba5fa4046417e4156663850567e868b2223ef7b897ba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"5a0a-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
23050
main.b56bca5d.chunk.css
step.com/static/css/ 		46 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://step.com/static/css/main.b56bca5d.chunk.css
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
bad7236844624a8391712a6f31528e4ca28401cb121bcb3aa1b980cdd9a80b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"b88e-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
text/css; charset=UTF-8
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
47246
logo-dark.png
step.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/logo-dark.png
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
a1a08d2a91c40af7df71cd945fce56befac30b698f67a17cdd526c0baf5e00f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"9b3-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/png
status
200
cache-control
public, max-age=0
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
2483
2.528b963d.chunk.js
step.com/static/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://step.com/static/js/2.528b963d.chunk.js
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
a0a251d370322ca124c0ef6b481c047c689f34cab770d85f6d7cbf931c578e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"1795b9-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
1545657
main.290bb23a.chunk.js
step.com/static/js/ 		350 KB
351 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://step.com/static/js/main.290bb23a.chunk.js
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
32c17ecb2519c9f45130f350acc218017e4e0b884f067f1cc063bf52ffb46293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"57962-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
358754
scevent.min.js
sc-static.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: step.com
URL: https://step.com/static/js/main.290bb23a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 01:17:50 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 22:48:01 GMT
server
AmazonS3
age
18412
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
hZ9X9hQbARZpUVe0e01Yl3vgFSo2Hk5jzhjqI5yKza39pQm6boe0jA==
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9c84d82310bb1e4e7d464a8430c56c56fd0c1e628be5c7cb825cf50d247cae0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f39a833c5c758bd3b926e9cb6c2415afd3085639ebc728d90ae6ad6d4de45644

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
hero-phone-and-card.449678d2.png
step.com/static/media/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/hero-phone-and-card.449678d2.png
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
fdb5e426fa6d12a1dc1e49ba896604ab81c58c3c1475b3d459f41b7ff753ca2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"13ffa6-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
1310630
icon-cash.98784775.svg
step.com/static/media/ 		358 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/icon-cash.98784775.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c340be8ea06600b19e42c0f67b16dfe5ada052090182c48cdae4c316cd707356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"166-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
358
notifications.43068698.png
step.com/static/media/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/notifications.43068698.png
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
488371d6d3084c2382b41f299b43bfa1750f7412e48ee27a6d493e73318b5f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"5a2e-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
23086
icon-bank.20238e89.svg
step.com/static/media/ 		382 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/icon-bank.20238e89.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
8ac0046fe27bdc19a124d4443ea68ada2d2591bbecdb41db2d690c08c6423209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"17e-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
382
img-zero-fees.e1fd84d0.png
step.com/static/media/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/img-zero-fees.e1fd84d0.png
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
ce48740f759308b1ffbca93c67a900c9121f8d4753ccdf9eca54576b187c177e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"531b-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
21275
icon-card.c45973f3.svg
step.com/static/media/ 		308 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/icon-card.c45973f3.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
d106af72c9523e458d20bc5508b495ae79ec056ac1d73df37683e8efaf5b73e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"134-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
308
apple-pay.1c435870.svg
step.com/static/media/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/apple-pay.1c435870.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c3d7cea0bf29695d416cda033087c87a95720fafdf6e56fd74abaf2652898e15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"17a1-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
6049
google-pay.40b87627.svg
step.com/static/media/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/google-pay.40b87627.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
0542f41ccae5cb8326ff8468fbb7680939c9cad018aa5eb79f0a87889bdb93a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"2906-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
10502
card-stack.5884d0ea.png
step.com/static/media/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/card-stack.5884d0ea.png
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3408eda6c1963bd5708240a1a0927203fe902f2babd9ba1c60758e92812f0a8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"e8a0-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/png
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
59552
icon-visa.16347cd6.svg
step.com/static/media/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/icon-visa.16347cd6.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
da3decefaffc8d2ffa901e5666ea34e6025a7729c16740d22f118c31c29479f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"79f-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
1951
techcrunch.04038099.svg
step.com/static/media/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/techcrunch.04038099.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
129f102e2c2cc26f757e933591ffd6ce00b0eb81ac3024814592a040b181a9c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"1915-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
6421
icon-venturebeat-bw.2f58645b.svg
step.com/static/media/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/icon-venturebeat-bw.2f58645b.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
0db69cccae737788ff5b45dd2bad5bf0203ed76b26aa34d6b1286582360767e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"fc7-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
4039
crunchbase.3b61336d.svg
step.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/crunchbase.3b61336d.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
03bc4ded6b044f44820137740208144a502718202b82dc05341dcb46dbe2ec8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"da7-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
3495
forbes.214472ee.svg
step.com/static/media/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/forbes.214472ee.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
cb953374075bbe2f6e0b2073c00c492aad8b5218d1a2ba6dafef467ec50fc273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"2b00-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
11008
fortune.4ee28256.svg
step.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://step.com/static/media/fortune.4ee28256.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.85.189 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
189.85.95.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
cf078c2d11ad52587d1e9223e937185db75de2ff636ba30ea748bbd98657e53d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 google
etag
W/"ad3-171436454c8"
last-modified
Sat, 04 Apr 2020 04:13:01 GMT
x-powered-by
Express
content-type
image/svg+xml
status
200
cache-control
public,max-age=31536000,immutable
date
Mon, 27 Apr 2020 06:24:39 GMT
accept-ranges
bytes
alt-svc
clear
content-length
2771
badge_appstore-lrg.svg
linkmaker.itunes.apple.com/images/badges/en-us/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkmaker.itunes.apple.com/images/badges/en-us/badge_appstore-lrg.svg
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19e::11bd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Apr 2020 06:24:39 GMT
content-encoding
gzip
server
nginx/1.12.2
etag
"25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132"
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-16-187-23.deploy.akamaitechnologies.com (AkamaiGHost/9.9.4.2-29290934) (-)
content-type
image/svg+xml
status
200, 200 OK
cache-control
max-age=414268
x-request-id
9a4b7b09-5982-44d9-813b-a5c89c7ea87b
content-length
4628
x-runtime
0.055015
expires
Sat, 02 May 2020 01:29:07 GMT
en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/
Redirect Chain
  • https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png
  • https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:24:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 05:15:00 GMT
server
sffe
content-type
image/png
status
200
cache-control
private, max-age=0
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
13957
x-xss-protection
0
expires
Mon, 27 Apr 2020 06:24:39 GMT

Redirect headers

date
Mon, 27 Apr 2020 06:24:39 GMT
x-content-type-options
nosniff
server
sffe
status
302
content-type
text/html; charset=UTF-8
location
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
284
x-xss-protection
0
CeraPro-Bold.woff2
assets.step.com/fonts/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.step.com/fonts/CeraPro-Bold.woff2
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.215.127 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.215.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ca5c9713e00889334d3b4e407110c7619089ffc7b7808878181d505286b101b0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://step.com/index.css
Origin
https://step.com

Response headers

date
Mon, 27 Apr 2020 06:24:39 GMT
x-goog-meta-goog-reserved-file-mtime
1545351219
age
0
x-guploader-uploadid
AAANsUk1RLZfUy-KZGRKiwbJ0ry4aZnKXk_z7T7PyM3YraxmC8nuKrPQcoyrE1nALLt33epSjDH0_TqTJXuUq53f8bo
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
52888
last-modified
Wed, 06 Nov 2019 05:01:08 GMT
server
UploadServer
etag
"437f12045c5eb043117f728083aeed24"
vary
Origin
x-goog-hash
crc32c=vPWECw==, md5=Q38SBFxesEMRf3KAg67tJA==
content-language
en
access-control-allow-origin
https://step.com
x-goog-generation
1573016468902969
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
52888
accept-ranges
bytes
content-type
font/woff2
expires
Mon, 27 Apr 2020 07:24:39 GMT
CeraPro-Regular.woff2
assets.step.com/fonts/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.step.com/fonts/CeraPro-Regular.woff2
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.215.127 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.215.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42018aecfd6e54d5f7bd4cb9f1c24c310528ba453239c118146243ae02b4c6ca

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://step.com/index.css
Origin
https://step.com

Response headers

date
Mon, 27 Apr 2020 06:24:39 GMT
x-goog-meta-goog-reserved-file-mtime
1548282513
age
0
x-guploader-uploadid
AAANsUlZCP6kKpe_gTV5PmJ3IYJCluedJ4ggdTt4O5Jk2Z3jGlwCf7tf6o7gwcdWqtAjzaKWVy36HFJIxAM9pHrb7To
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
53440
last-modified
Wed, 06 Nov 2019 05:01:11 GMT
server
UploadServer
etag
"9035d74616302251107c88cb3b1495bc"
vary
Origin
x-goog-hash
crc32c=9NYn/A==, md5=kDXXRhYwIlEQfIjLOxSVvA==
content-language
en
access-control-allow-origin
https://step.com
x-goog-generation
1573016471565711
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
53440
accept-ranges
bytes
content-type
font/woff2
expires
Mon, 27 Apr 2020 07:24:39 GMT
CeraPro-Medium.woff2
assets.step.com/fonts/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.step.com/fonts/CeraPro-Medium.woff2
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.215.127 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.215.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
30e4cee0fdf2474aa4585728bdd769857457ecf8e021c7c7d064c56ed4974d15

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://step.com/index.css
Origin
https://step.com

Response headers

date
Mon, 27 Apr 2020 06:24:39 GMT
x-goog-meta-goog-reserved-file-mtime
1545351219
age
0
x-guploader-uploadid
AAANsUnoGGeK2RoBhRf6k3eQ9L-C4q8NfXNUOjr_fPzAncLhAnzprZwVFk4L0jVdfdcwprywgujc9x9R81wD5mmV9ANYNZX0Pg
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
53220
last-modified
Wed, 06 Nov 2019 05:01:10 GMT
server
UploadServer
etag
"aa487617200f651a29f628c0c887c46c"
vary
Origin
x-goog-hash
crc32c=ZaCUvA==, md5=qkh2FyAPZRop9ijAyIfEbA==
content-language
en
access-control-allow-origin
https://step.com
x-goog-generation
1573016470186663
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
53220
accept-ranges
bytes
content-type
font/woff2
expires
Mon, 27 Apr 2020 07:24:39 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
XwZsA0Tr8gitcvyJ3BVZGJMNtyu7oZ9QIiRT4GrSNP0/6uA5NsNmVe79/c1EaPszp4q8lZAOaFzqqOgRS46XIg==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Mon, 27 Apr 2020 06:24:39 GMT, Mon, 27 Apr 2020 06:24:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/HBsYBc4e2joVvYpjwm2yDumAUJMnBI3x/ 		319 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/HBsYBc4e2joVvYpjwm2yDumAUJMnBI3x/analytics.min.js
Requested by
Host: step.com
URL: https://step.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-99-83.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2aee4c07335621476f8a914884147847ea2e5e2ae5a34cb4105f135362050f4c

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
a4DQ92kKHJgWxhrOPFevG9gP2q2la5G3
content-encoding
gzip
etag
"825f41c3528167d63f783b732fb55d06"
x-amz-cf-pop
FRA50-C1
x-cache
RefreshHit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
61151
access-control-allow-origin
*
last-modified
Fri, 24 Apr 2020 17:46:34 GMT
server
AmazonS3
date
Mon, 27 Apr 2020 06:24:40 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control
public, max-age=300
accept-ranges
bytes
x-amz-cf-id
vAYkz0l3EsCUswci-e-ZqBJDSSTO_E06652l3UIAtBdDup7Hvj7L3g==
_r
app.link/ 		90 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.52.7&branch_key=key_live_nhINsMG7rGDTEs8QE14G2pnhszjBwSD3&callback=branch_callback__0
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:de00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
a4acdadf22982890777f1126707db67eacc9a3a1c71124789cad805e4b3e0ee2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 27 Apr 2020 06:24:39 GMT
Via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
openresty/1.13.6.2
X-Amz-Cf-Pop
FRA2-C1
X-Powered-By
Express
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
90
ETag
W/"5a-J3tKbhxbjuKlR1tY/tyrjtbTxpo"
X-Amz-Cf-Id
8KCFfHVeZ0kHo9Cb5ke9Qfxo5-FyCJqp1mL4nBp7O70Ykvn5YQ0RUw==
i
tr.snapchat.com/cm/ Frame 1B6C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=63ec22cd-50f4-470b-87f6-15ac4e31239c
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=63ec22cd-50f4-470b-87f6-15ac4e31239c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://step.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://step.com/

Response headers

status
200
server
nginx/1.17.3
date
Mon, 27 Apr 2020 06:24:39 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
identity.js
connect.facebook.net/signals/plugins/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
10620
x-xss-protection
0
pragma
public
x-fb-debug
NUBCLd9zHIJectVwVG2PE1p6DigjFZhXUXyfqMQ4XHopeT0pEk31xEfqr1mac0u8K91k4qqinTM3DM1ShNSmjQ==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Mon, 27 Apr 2020 06:24:39 GMT, Mon, 27 Apr 2020 06:24:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
628175630947622
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/628175630947622?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4da32c20c4bc9a91f5696997e5b91a8e4b1ca4b460a77815b476e79884ab8859
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Ib3QMDUwiAA+SgGj82dFw6DMw5Zaopd4EPGhB1HhSotDlDCM3QFP4iU8pv0HvCc3X61HSKFlFNETjVyUlzcx3g==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Mon, 27 Apr 2020 06:24:39 GMT, Mon, 27 Apr 2020 06:24:39 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
p
tr.snapchat.com/ Frame AA49 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
221
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://step.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://step.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://step.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://step.com/

Response headers

status
200
server
nginx/1.17.3
date
Mon, 27 Apr 2020 06:24:39 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBhw0AMAgDsIuQ6EhD3ungCo6vDUd3Hjcim03dYfukmzAH38vQ7lUNQa1YVPkHsfs2cjIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
open
api2.branch.io/v1/ 		310 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
5668160bb263b7a9e32af88ea95f89e9d48b897561a16fc9dd535abf6aa80889

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Apr 2020 06:24:39 GMT
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2-C2
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
310
x-amz-cf-id
QFWIqwC6Uiupxqks0RmOGxLrTXdbAmWlFN2JlRYwanDbQO93hpBLvw==
p
api.segment.io/v1/ 		21 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.35.251 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-35-251.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Mon, 27 Apr 2020 06:24:40 GMT
access-control-allow-origin
https://step.com
content-length
21
vary
Origin
content-type
application/json
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HBsYBc4e2joVvYpjwm2yDumAUJMnBI3x/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
83b2aa58b640b81d6c29ed11af1848a7203bf61f390eba97e23d70f99c4313c8

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:15:14 GMT
content-encoding
gzip
age
566
x-guploader-uploadid
AAANsUleMoI0hJQ22i0dEHfP0dyN_QblNXnk3NeAGaHzbBu895DxI_ZtOdrZuXGeVHhKDS5Lqb_ytCiI-tQcWlrm7w
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
24626
last-modified
Tue, 17 Mar 2020 00:20:00 GMT
server
UploadServer
etag
"9389362670f03c4ba67e892663649d76"
vary
Accept-Encoding
x-goog-hash
crc32c=lh1JsA==, md5=k4k2JnDwPEumfokmY2Sddg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1584404400942635
cache-control
public,max-age=600
x-goog-stored-content-length
24626
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 27 Apr 2020 06:25:14 GMT
/
api-js.mixpanel.com/decide/ 		65 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=1520a7c686b3f9e3b1ee87c48272d21a&ip=1&_=1587968680020
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.159 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 06:24:40 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://step.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api-js.mixpanel.com/track/ 		1 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1587968680024
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.159 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Apr 2020 06:24:39 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://step.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
1
/
api-js.mixpanel.com/track/ 		1 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1587968680027
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.240.159 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Apr 2020 06:24:39 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://step.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
alt-svc
clear
content-length
1
url
api2.branch.io/v1/ 		42 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/url
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
e5dd4b59940d257665db4f25023317b34ae389773554ab54072cf72feb26b958

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Apr 2020 06:24:40 GMT
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2-C2
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
42
x-amz-cf-id
IrM7stRFYs4EKlWZ8i7jgFvhOD_HvNWhYSwvzgwfGHwB1FdN3Dqtpw==
pageview
api2.branch.io/v1/ 		29 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: step.com
URL: https://step.com/static/js/2.528b963d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer
https://step.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Apr 2020 06:24:40 GMT
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
status
200
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
29
x-amz-cf-id
0gvjrIRo9vUn3BOpF0dSjU2CNz7u-AWuEyegND3BWFIxYjtW7e7J3g==

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| analytics object| webpackJsonphomepage function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __SENTRY__ object| regeneratorRuntime number| __mobxInstanceCount object| __mobxGlobals number| 2f1acc6c3a606b082e5eef5e54414ffb object| branch function| snaptr function| fbq function| _fbq object| mixpanel function| normalize

6 Cookies

Domain/Path Name / Value
.step.com/ Name: ajs_anonymous_id
Value: %2238c9e0b3-6e3c-49fa-8fd9-54ddd6f4a530%22
.step.com/ Name: ajs_group_id
Value: null
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBhw0AMAgDsIuQ6EhD3ungCo6vDUd3Hjcim03dYfukmzAH38vQ7lUNQa1YVPkHsfs2cjIAAAA=
.step.com/ Name: mp_1520a7c686b3f9e3b1ee87c48272d21a_mixpanel
Value: %7B%22distinct_id%22%3A%20%22171ba4f20524f-0c4c333c1c378c-37647e03-1d4c00-171ba4f2053953%22%2C%22%24device_id%22%3A%20%22171ba4f20524f-0c4c333c1c378c-37647e03-1d4c00-171ba4f2053953%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.step.com/ Name: ajs_user_id
Value: null
.step.com/ Name: _scid
Value: 19933f4e-677a-4e6b-a00b-bfe28e5ecd65

8 Console Messages

Source Level URL
Text
console-api warning URL: https://step.com/static/js/2.528b963d.chunk.js(Line 2)
Message:
Pixel not initialized before using call ReactPixel.init with required params
console-api debug URL: https://step.com/static/js/2.528b963d.chunk.js(Line 2)
Message:
2020-04-27T06:24:39.667Z [DataStore] Loaded e data: 5 ms
console-api debug URL: https://step.com/static/js/2.528b963d.chunk.js(Line 2)
Message:
2020-04-27T06:24:39.667Z [DataStore] Loaded ba data: 4 ms
console-api debug URL: https://step.com/static/js/2.528b963d.chunk.js(Line 2)
Message:
2020-04-27T06:24:39.667Z [DataStore] Loaded A data: 3 ms
console-api debug URL: https://step.com/static/js/2.528b963d.chunk.js(Line 2)
Message:
2020-04-27T06:24:40.027Z [DataStore] Loaded Aa data: 363 ms
console-api debug URL: https://step.com/static/js/2.528b963d.chunk.js(Line 2)
Message:
2020-04-27T06:24:40.027Z [DataStore] Loaded u data: 364 ms
console-api debug URL: https://step.com/static/js/2.528b963d.chunk.js(Line 2)
Message:
2020-04-27T06:24:40.046Z [DataStore] Loaded e data: 381 ms
console-api debug URL: https://step.com/static/js/2.528b963d.chunk.js(Line 2)
Message:
2020-04-27T06:24:40.055Z [DataStore] Loaded va data: 393 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
api.segment.io
api2.branch.io
app.link
assets.step.com
cdn.mxpnl.com
cdn.segment.com
connect.facebook.net
linkmaker.itunes.apple.com
play.google.com
sc-static.net
step.com
tr.snapchat.com
107.178.240.159
13.225.73.112
143.204.99.83
2600:1901:0:bc29::
2600:9000:20eb:de00:19:9934:6a80:93a1
2600:9000:21f3:6600:11:f728:3040:93a1
2a00:1450:4001:81b::200e
2a02:26f0:6c00:19e::11bd
2a03:2880:f02d:12:face:b00c:0:3
34.95.85.189
35.186.226.184
35.244.215.127
52.11.35.251
03bc4ded6b044f44820137740208144a502718202b82dc05341dcb46dbe2ec8a
0542f41ccae5cb8326ff8468fbb7680939c9cad018aa5eb79f0a87889bdb93a4
0db69cccae737788ff5b45dd2bad5bf0203ed76b26aa34d6b1286582360767e6
129f102e2c2cc26f757e933591ffd6ce00b0eb81ac3024814592a040b181a9c3
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132
2aee4c07335621476f8a914884147847ea2e5e2ae5a34cb4105f135362050f4c
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
30e4cee0fdf2474aa4585728bdd769857457ecf8e021c7c7d064c56ed4974d15
32c17ecb2519c9f45130f350acc218017e4e0b884f067f1cc063bf52ffb46293
3408eda6c1963bd5708240a1a0927203fe902f2babd9ba1c60758e92812f0a8c
42018aecfd6e54d5f7bd4cb9f1c24c310528ba453239c118146243ae02b4c6ca
488371d6d3084c2382b41f299b43bfa1750f7412e48ee27a6d493e73318b5f8d
4a627b7c18ec7930001ba5fa4046417e4156663850567e868b2223ef7b897ba8
4da32c20c4bc9a91f5696997e5b91a8e4b1ca4b460a77815b476e79884ab8859
5668160bb263b7a9e32af88ea95f89e9d48b897561a16fc9dd535abf6aa80889
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
83b2aa58b640b81d6c29ed11af1848a7203bf61f390eba97e23d70f99c4313c8
8ac0046fe27bdc19a124d4443ea68ada2d2591bbecdb41db2d690c08c6423209
a0a251d370322ca124c0ef6b481c047c689f34cab770d85f6d7cbf931c578e8e
a1a08d2a91c40af7df71cd945fce56befac30b698f67a17cdd526c0baf5e00f1
a4acdadf22982890777f1126707db67eacc9a3a1c71124789cad805e4b3e0ee2
b9c84d82310bb1e4e7d464a8430c56c56fd0c1e628be5c7cb825cf50d247cae0
bad7236844624a8391712a6f31528e4ca28401cb121bcb3aa1b980cdd9a80b1a
bc3e1b4aa16f0480831f3fbd50d77f470baa3cdfec56db7dc45daf45ec3be0cc
c340be8ea06600b19e42c0f67b16dfe5ada052090182c48cdae4c316cd707356
c3d7cea0bf29695d416cda033087c87a95720fafdf6e56fd74abaf2652898e15
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
ca5c9713e00889334d3b4e407110c7619089ffc7b7808878181d505286b101b0
cb953374075bbe2f6e0b2073c00c492aad8b5218d1a2ba6dafef467ec50fc273
ce48740f759308b1ffbca93c67a900c9121f8d4753ccdf9eca54576b187c177e
cf078c2d11ad52587d1e9223e937185db75de2ff636ba30ea748bbd98657e53d
d106af72c9523e458d20bc5508b495ae79ec056ac1d73df37683e8efaf5b73e2
da3decefaffc8d2ffa901e5666ea34e6025a7729c16740d22f118c31c29479f6
e5dd4b59940d257665db4f25023317b34ae389773554ab54072cf72feb26b958
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5
f39a833c5c758bd3b926e9cb6c2415afd3085639ebc728d90ae6ad6d4de45644
fdb5e426fa6d12a1dc1e49ba896604ab81c58c3c1475b3d459f41b7ff753ca2d