www.stevedaines.com Open in urlscan Pro
40.123.53.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://supportstevedaines.com/
Effective URL:
https://www.stevedaines.com/
Submission: On September 19 via automatic, source certstream-suspicious (September 19th 2024, 7:49:07 pm UTC) — Scanned from CA

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 53 HTTP transactions. The main IP is 40.123.53.189, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.stevedaines.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on September 11th 2024. Valid for: a year.

This is the only time www.stevedaines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
14	40.123.53.189 40.123.53.189	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.35.170 142.251.35.170	15169 (GOOGLE) (GOOGLE)
3	104.21.27.152 104.21.27.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.40.200 142.251.40.200	15169 (GOOGLE) (GOOGLE)
1	142.251.35.163 142.251.35.163	15169 (GOOGLE) (GOOGLE)
2	142.250.65.174 142.250.65.174	15169 (GOOGLE) (GOOGLE)
3	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
2 3	185.167.164.52 185.167.164.52	198622 (ADFORM) (ADFORM)
1	185.167.164.45 185.167.164.45	198622 (ADFORM) (ADFORM)
1	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
2	13.226.38.199 13.226.38.199	16509 (AMAZON-02) (AMAZON-02)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
2	142.251.179.154 142.251.179.154	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	142.250.72.100 142.250.72.100	15169 (GOOGLE) (GOOGLE)
2	142.250.65.227 142.250.65.227	15169 (GOOGLE) (GOOGLE)
4	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
1	142.250.72.110 142.250.72.110	15169 (GOOGLE) (GOOGLE)
1	35.166.226.67 35.166.226.67	16509 (AMAZON-02) (AMAZON-02)
53	22

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

supportstevedaines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 40.123.53.189 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: campsolazwww2.eastus2.cloudapp.azure.com

www.stevedaines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.27.152 (None, )

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.200 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.174 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.52 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.45 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.179.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.226.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-226-67.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	stevedaines.com www.stevedaines.com	129 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 959 tr6.snapchat.com — Cisco Umbrella Rank: 1352	750 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 td.doubleclick.net — Cisco Umbrella Rank: 189 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	4 KB
4	adform.net 2 redirects a2.adform.net — Cisco Umbrella Rank: 7423 s2.adform.net — Cisco Umbrella Rank: 7642	33 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	74 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	275 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1341	162 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 10940	127 B
2	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 140	64 B
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1827	30 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1402	177 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1113	23 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 215	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1017 B
1	supportstevedaines.com 1 redirects supportstevedaines.com	303 B
53	18

	Domain	Requested by
14	www.stevedaines.com	www.stevedaines.com
4	www.facebook.com	www.stevedaines.com
4	tr.snapchat.com	sc-static.net
3	a2.adform.net	2 redirects www.stevedaines.com
3	connect.facebook.net	www.stevedaines.com connect.facebook.net
3	www.googletagmanager.com	www.stevedaines.com www.googletagmanager.com www.google-analytics.com
3	use.fontawesome.com	www.stevedaines.com use.fontawesome.com
2	www.google.ca	www.stevedaines.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	td.doubleclick.net	www.googletagmanager.com
2	cdn.segment.com	www.stevedaines.com cdn.segment.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	api.segment.io	cdn.segment.com
1	tr6.snapchat.com	sc-static.net
1	analytics.google.com	www.googletagmanager.com
1	www.google.com	www.stevedaines.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	sc-static.net	www.stevedaines.com
1	s2.adform.net	www.stevedaines.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	www.stevedaines.com
1	fonts.googleapis.com	www.stevedaines.com
1	supportstevedaines.com	1 redirects
53	23

This site contains links to these domains. Also see Links.

Domain
tandcs.us

Subject Issuer	Validity	Valid
stevedaines.com GeoTrust TLS RSA CA G1	`2024-09-11` - `2025-10-03`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
use.fontawesome.com WE1	`2024-09-09` - `2024-12-09`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-29` - `2024-09-27`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.ca WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.stevedaines.com/
Frame ID: FD458CDE72740C8F0193982B3CC2F63B
Requests: 49 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/657360053?random=1726775342675&cv=11&fst=1726775342675&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49h0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.stevedaines.com%2F&hn=www.googleadservices.com&frm=0&tiba=Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&npa=0&pscdl=noapi&auid=1578021336.1726775343&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A6909B6C3F3F600CFE62BE711F83D916
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=27e5d0ff-4736-4e69-a359-7135a70cf08c&u_scsid=2c2c3803-dad0-4347-985a-c58321791a8a&u_sclid=c620d180-2f23-4a39-a8aa-b9f5d116ed1b
Frame ID: CB8FB66D87CE8FF7CC11D52FB3A1B208
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-R8TWFSBW8Y&gacid=1559570439.1726775343&gtm=45je49h0v9136553859za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=0&z=1848375605
Frame ID: F21323E9DCB80DE6B0DEDAA3A6C2569F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Steve Daines for U.S. Senate | SteveDaines.com

Page URL History Show full URLs

https://supportstevedaines.com/ HTTP 301
https://www.stevedaines.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

53
Requests

94 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

22
IPs

3
Countries

795 kB
Transfer

3597 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tandcs.us/sdmt/
Title: terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://supportstevedaines.com/ HTTP 301
https://www.stevedaines.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 37

https://a2.adform.net/Serving/TrackPoint/?pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=28395290078&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2F&Set1=en-CA%7Cen-CA%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=28395290078&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2F&Set1=en-CA%7Cen-CA%7C1600x1200%7C24

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.stevedaines.com/
Redirect Chain

https://supportstevedaines.com/
https://www.stevedaines.com/

28 KB
7 KB

155ms
43ms

Document
text/html

40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 3bee29ff9c0702f18e4dc2c16f481def8d7dc7f054465d0ee592400c8270c120

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=3, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Sep 2024 19:49:01 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding,Cookie

Redirect headers

Connection: close
Content-Length: 62
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Sep 2024 19:49:01 GMT
Location: https://www.stevedaines.com
Server: ip-10-123-124-55.ec2.internal
Vary: Accept-Encoding
X-Request-Id: f1be6c41-bdc4-4f48-8fdb-d3d884cec548

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1017 B 190ms
53ms Stylesheet
text/css 142.251.35.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f10.1e100.net

Software

ESF /

Resource Hash

43bdc741a39d63ea7941307ed84368023175dddc6f79748578fcc312cf91b874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 19:49:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 19:49:01 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 18:31:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
12 KB 223ms
117ms Stylesheet
text/css 104.21.27.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.27.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.stevedaines.com
Referer: https://www.stevedaines.com/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
etag: W/"b8085bf2c839791244bd95f56fb93c01"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DxdYbDMe1yuKieVcKjsCNQJ0JFlCtYgcF%2FNDM1jqqk3MlO8EzV0x%2Fe0tS1Y8lp498XdUcLx31EKmAzHAxq%2FfxPyr2pSMDR5vuoYmQIIBmB5so17bWCLr52DFsuyVDwScvUZznPSG"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5c18befcc9a223-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:41 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK style.min.css
www.stevedaines.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 125ms
47ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "1bae5-615c107c69b3c-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 14991
Date: Thu, 19 Sep 2024 19:49:01 GMT
Last-Modified: Wed, 10 Apr 2024 17:04:23 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: text/css

GET
H/1.1 200
OK bootstrap.min.css
www.stevedaines.com/wp-content/themes/stevedaines/css/ 120 KB
20 KB 128ms
49ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/css/bootstrap.min.css?ver=6.5.5
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 416dfabb1ba6878336a0cc23a509cc20cd2203ba0c9e31de37bd64410d18cb8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "1dead-57d3a368b7aa3-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 19885
Date: Thu, 19 Sep 2024 19:49:01 GMT
Last-Modified: Mon, 17 Dec 2018 16:24:20 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: text/css

GET
H/1.1 200
OK main.css
www.stevedaines.com/wp-content/themes/stevedaines/css/ 29 KB
5 KB 126ms
43ms Stylesheet
text/css 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/css/main.css?ver=6.5.5
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 34b0ca11106fd9fe9fe89e9b18a0e19988b0927848e8ee84796a6817e6852f6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "7483-605e29f340c00-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 5222
Date: Thu, 19 Sep 2024 19:49:01 GMT
Last-Modified: Thu, 21 Sep 2023 18:25:52 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: text/css

GET
H/1.1 200
OK gf-ems-conv.js Show response
www.stevedaines.com/wp-content/plugins/gf-bh-connection/js/ 710 B
655 B 126ms
43ms Script
application/javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/plugins/gf-bh-connection/js/gf-ems-conv.js?ver=6.5.5
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 12d194e5b8906b28d6d121cb6ffa7591a918e88a053cbd67c3cd30aacfdd3012

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "2c6-5a459b5dcdd2f-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 358
Date: Thu, 19 Sep 2024 19:49:01 GMT
Last-Modified: Tue, 28 Apr 2020 13:21:33 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.min.js Show response
www.stevedaines.com/wp-includes/js/jquery/ 86 KB
30 KB 180ms
97ms Script
application/javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "15601-615c107c439d9-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 30368
Date: Thu, 19 Sep 2024 19:49:01 GMT
Last-Modified: Wed, 10 Apr 2024 17:04:23 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.stevedaines.com/wp-includes/js/jquery/ 13 KB
5 KB 271ms
53ms Script
application/javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "3509-605e149fa4d73-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 4872
Date: Thu, 19 Sep 2024 19:49:02 GMT
Last-Modified: Thu, 21 Sep 2023 16:50:27 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK bootstrap.min.js Show response
www.stevedaines.com/wp-content/themes/stevedaines/js/ 36 KB
10 KB 270ms
52ms Script
application/javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/js/bootstrap.min.js?ver=6.5.5
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 2ad0bcdeda45c15262fe2f189dfdf10dddb770e10a0a882dc8352c4f7ecede99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "8fd1-57d3a36911825-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 9746
Date: Thu, 19 Sep 2024 19:49:02 GMT
Last-Modified: Mon, 17 Dec 2018 16:24:20 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK script.js Show response
www.stevedaines.com/wp-content/themes/stevedaines/js/ 178 B
452 B 295ms
43ms Script
application/javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/js/script.js?ver=6.5.5
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: c256c15a40d6d397452697b45b47b8c157a89061c144587120476926d76dcbb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "b2-57d3a36920285-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 156
Date: Thu, 19 Sep 2024 19:49:02 GMT
Last-Modified: Mon, 17 Dec 2018 16:24:20 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ 23 KB
7 KB 128ms
37ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.min.js?ver=1.16.0

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-5a1e"
age: 8719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FR5EqV0xKDGa3B4keuI7vNhhaTq3Xx4nyrNLnKS5%2B32nnc%2B4mM%2BfzXB5jplj1B%2Bel2eYNNMX5YpUHf12LtwuINZG8L1b%2BfGhEgVKIWkCYKe8DSIf%2Bte4AisYlXrN7%2FURmWpdyk5G"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 09 Sep 2025 19:49:01 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 19:49:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c5c18befc66a235-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6638
server: cloudflare

GET
H/1.1 200
OK jquery.watermark.min.js Show response
www.stevedaines.com/wp-content/themes/stevedaines/js/libs/ 5 KB
2 KB 306ms
43ms Script
application/javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/js/libs/jquery.watermark.min.js?ver=3.1.4
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 23c0fbb5b849bb313096aba07043a423ef00cb1c69dbd0cd3d020d77a257a780

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "1432-536e2c3339640-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 1976
Date: Thu, 19 Sep 2024 19:49:02 GMT
Last-Modified: Tue, 05 Jul 2016 12:40:49 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H/1.1 200
OK bg-feature.jpg
www.stevedaines.com/wp-content/themes/stevedaines/images/ 1 MB
0 204ms
53ms Image
image/jpeg 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/images/bg-feature.jpg
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

ETag: "17c346-57f1d85fa2b33"
Connection: close
Accept-Ranges: bytes
Content-Length: 1557318
Date: Thu, 19 Sep 2024 19:49:02 GMT
Last-Modified: Thu, 10 Jan 2019 17:01:02 GMT
Content-Type: image/jpeg
Server: Apache

GET
H/1.1 200
OK common.js Show response
www.stevedaines.com/wp-content/themes/stevedaines/js/ 3 KB
1 KB 300ms
43ms Script
application/javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/js/common.js?ver=1.0.0
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 4f87d30460acafe9bf8d9b95cc2e77cea715c04251a2fb39a3012f83f04d14f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "ac6-57d5111529100-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 1083
Date: Thu, 19 Sep 2024 19:49:02 GMT
Last-Modified: Tue, 18 Dec 2018 19:40:20 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET ed9ab53d-08f2-4d9e-a0ba-4bcef91a9181
https://www.stevedaines.com/ Frame 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
96 KB 211ms
75ms Script
application/javascript 142.251.40.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCNRKPG

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.200 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f04c88b549bde52d5a644e661fd5e370659b80d1db05b28ab2636b76305520a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 19:49:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:43:17 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 98267
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK logo.png
www.stevedaines.com/wp-content/themes/stevedaines/images/ 27 KB
27 KB 225ms
41ms Image
image/png 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stevedaines.com/wp-content/themes/stevedaines/images/logo.png
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/wp-content/themes/stevedaines/css/main.css?ver=6.5.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 6da4ddccfc9fa00e4889af706b779c214ed0d36c79cd88e2238334829762fe33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/wp-content/themes/stevedaines/css/main.css?ver=6.5.5

Response headers

ETag: "6b4d-57d3a368ec664"
Connection: close
Accept-Ranges: bytes
Content-Length: 27469
Date: Thu, 19 Sep 2024 19:49:02 GMT
Last-Modified: Mon, 17 Dec 2018 16:24:20 GMT
Content-Type: image/png
Server: Apache

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 115ms
32ms Font
font/woff2 142.251.35.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.stevedaines.com
Referer: https://fonts.googleapis.com/

Response headers

age: 100132
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 16:00:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 16:00:10 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 77 KB
78 KB 100ms
99ms Font
font/woff2 104.21.27.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.27.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.stevedaines.com
Referer: https://use.fontawesome.com/releases/v5.6.1/css/all.css

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "59ea9019c9b9bc4d83ab9783e830735c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5h%2BITIs%2FqH9t3QWrVx91TN8kQ6FIz91zAygWQEdxt0%2FsGAafvyIHLcND3o9u0axIMu0UvP%2BcXhbzUt3vEba%2Fyqb%2BqSxT0McoWaI%2BWUzbn%2FjaTd2XnjV0UXKKYxCLwj4i5IXSVnSr"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5c18c12ebaa223-YYZ
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 79072
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:45:43 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 72 KB
73 KB 119ms
118ms Font
font/woff2 104.21.27.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.27.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c885e9f2017a2ed7075db9e876d40a04aa3208114443803bdb120a34afd3b1d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.stevedaines.com
Referer: https://use.fontawesome.com/releases/v5.6.1/css/all.css

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "f80b8a05dd76fdb40e630f1e90b1303d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdtiNkmglq3XwoWCAIqQGEpj34sMz8k%2FHdjCgwIedc4HwneuNNXzuHfTEEUauDJfaaEyjTgr4DZwNCsoGuQMjT2amMZQn58721FTESD3RPCnAPnL9YwTUxB0EoIeSppI%2B2ietl1T"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5c18c12ebfa223-YYZ
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 73936
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:45:44 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.stevedaines.com/wp-includes/js/ 18 KB
5 KB 450ms
43ms Script
application/javascript 40.123.53.189
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stevedaines.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: campsolazwww2.eastus2.cloudapp.azure.com
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

Content-Encoding: gzip
ETag: "4926-615c107c468b9-gzip"
Connection: close
Accept-Ranges: bytes
Content-Length: 5062
Date: Thu, 19 Sep 2024 19:49:02 GMT
Last-Modified: Wed, 10 Apr 2024 17:04:23 GMT
Vary: Accept-Encoding
Server: Apache
Content-Type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 123ms
36ms Script
text/javascript 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCNRKPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 6178
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 20:06:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Thu, 19 Sep 2024 18:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 96ms
50ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=5, ullat=-1
pragma: public
x-fb-debug: n/49hbYiN/+afTDRV9LzDAIekxSZPcEqaMSIH5YhmDnLLSIjbGE8FJra/nyfD4bJs/WgoghyxzeK1aH2MXRuwg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58953
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 81ms
76ms Script
application/javascript 142.251.40.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-657360053

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCNRKPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.200 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bac36d42efeef2ec5edb2d9efcc4a0f42e84e7e2ad0f10444113b4949e5cc73c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 19:49:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:43:17 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 85013
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
31 KB

171ms
76ms

Script
application/javascript

185.167.164.45
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: H2
Server: 185.167.164.45 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

x-cache-status: HIT, BYPASS, HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-amz-request-id: tx00000a762dbecf9209264-006657c4e1-329875c8-default
access-control-allow-origin: *
date: Thu, 19 Sep 2024 19:49:02 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Fri, 08 Mar 2024 07:02:31 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: text/html
server: nginx

GET
H2 200 scevent.min.js Show response
sc-static.net/ 54 KB
23 KB 142ms
61ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9bdf81bf0ffae2df5e65fbc07d2b3d49a323963ea44470492b4b02a232b8ee7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 bc3e3445494dc5a4f9373d4212505c68.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23393
x-amz-cf-id: -1kOdSW8u0Bynz3BFHmqDoEEI07R1rVhd58EC49Hs2lIx8zMEgMSpQ==
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: YUL62-P1
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/6UI9OrOBYawXgtN2I6IM4N0NO3Vmkebs/ 103 KB
29 KB 682ms
352ms Script
text/javascript 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/6UI9OrOBYawXgtN2I6IM4N0NO3Vmkebs/analytics.min.js
Requested by: Host: www.stevedaines.com
URL: https://www.stevedaines.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fde289672df03d6455bcc48068a53df6f6002f23e9edb1a63bd88da384dbaa2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: O3dK0Nl.5CpxH1kHCe.nvBdUXHgTY1Nf
etag: W/"48e3d53da4f63758b1445166b2844afe"
access-control-allow-methods: GET, HEAD
x-cache: RefreshHit from cloudfront
x-amz-cf-id: KLOw63F7B4dGA7_C9NjMyV9aucLBF3AYQ7Ap7v1Rk_WDWlffG4hNbA==
date: Thu, 19 Sep 2024 19:49:04 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jul 2024 23:17:20 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 47f167ca4b48d927b2e7abade7ebfcfc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/657360053/ 5 KB
2 KB 132ms
58ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/657360053/?random=1726775342675&cv=11&fst=1726775342675&bg=ffffff&guid=ON&async=1&gtm=45be49h0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.stevedaines.com%2F&hn=www.googleadservices.com&frm=0&tiba=Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&npa=0&pscdl=noapi&auid=1578021336.1726775343&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-657360053

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

38c9d32d9458fca5bad7fcb62b9d53346c249061b06a4e3550e7b67e6beb55a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2303
date: Thu, 19 Sep 2024 19:49:02 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 657360053
td.doubleclick.net/td/rul/ Frame A690 0
0 212ms
136ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/657360053?random=1726775342675&cv=11&fst=1726775342675&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49h0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.stevedaines.com%2F&hn=www.googleadservices.com&frm=0&tiba=Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&npa=0&pscdl=noapi&auid=1578021336.1726775343&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-657360053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 19:49:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
224 B 49ms
47ms XHR
text/plain 142.250.65.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=950820997&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stevedaines.com%2F&ul=en-ca&de=UTF-8&dt=Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=1002531437&gjid=1590746645&cid=1559570439.1726775343&tid=UA-45510217-1&_gid=646769317.1726775343&_slc=1&gtm=45He49h0n81WCNRKPGza200&cd1=2024-09-19T12%3A49%3A02.528-07%3A00&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421&z=932596254

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

38401096bffb610f5fcd09a7e8f06439b220d04bba7ef1e1cc9d9d1031298dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.stevedaines.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.stevedaines.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
date: Thu, 19 Sep 2024 19:49:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 141ms
48ms XHR
text/plain 142.251.179.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45510217-1&cid=1559570439.1726775343&jid=1002531437&gjid=1590746645&_gid=646769317.1726775343&_u=YGBAiEABBAAAAGAAI~&z=623472512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.stevedaines.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
date: Thu, 19 Sep 2024 19:49:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 1735575306772755 Show response
connect.facebook.net/signals/config/ 66 KB
13 KB 203ms
202ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1735575306772755?v=2.9.167&r=stable&domain=www.stevedaines.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

83c0f8684dff5f8ef208d205557d448e939a4b5b76bb589163fe0814cd8c8689

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=74, mss=1232, tbw=67137, tp=63, tpl=0, uplat=166, ullat=0
pragma: public
x-fb-debug: TL1gLfz4cwrMtEuEHqG7w67ICzPSV/wvEJ0IBEE/mJtY1NN38VuiFaYmAuGd3syALL9krej2aQjpIfNCNSXzuQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
95 KB 87ms
86ms Script
application/javascript 142.251.40.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R8TWFSBW8Y&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.200 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1b69c0d46b0abe418a483ad7500f2ac5df46b5e8302d5a2b6d5dd5ab47b7ba75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 19:49:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97447
date: Thu, 19 Sep 2024 19:49:02 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 27e5d0ff-4736-4e69-a359-7135a70cf08c.json Show response
tr.snapchat.com/config/com/ 100 B
402 B 166ms
111ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/27e5d0ff-4736-4e69-a359-7135a70cf08c.json?v=3.28.2-2409172358

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 41
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google, 1.1 google
access-control-allow-origin: https://www.stevedaines.com
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame CB8F 0
0 122ms
74ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=27e5d0ff-4736-4e69-a359-7135a70cf08c&u_scsid=2c2c3803-dad0-4347-985a-c58321791a8a&u_sclid=c620d180-2f23-4a39-a8aa-b9f5d116ed1b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.stevedaines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Thu, 19 Sep 2024 19:49:02 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 1

GET
H3 200 /
www.google.com/pagead/1p-user-list/657360053/ 42 B
64 B 140ms
65ms Image
image/gif 142.250.72.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/657360053/?random=1726775342675&cv=11&fst=1726772400000&bg=ffffff&guid=ON&async=1&gtm=45be49h0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.stevedaines.com%2F&hn=www.googleadservices.com&frm=0&tiba=Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&npa=0&pscdl=noapi&auid=1578021336.1726775343&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfFKMx9EeMwF0wgd3f3Xd8XFPWTXhhPw&random=491282786&rmt_tld=0&ipr=y

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 19 Sep 2024 19:49:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/657360053/ 42 B
64 B 107ms
58ms Image
image/gif 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/657360053/?random=1726775342675&cv=11&fst=1726772400000&bg=ffffff&guid=ON&async=1&gtm=45be49h0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.stevedaines.com%2F&hn=www.googleadservices.com&frm=0&tiba=Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&npa=0&pscdl=noapi&auid=1578021336.1726775343&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfFKMx9EeMwF0wgd3f3Xd8XFPWTXhhPw&random=491282786&rmt_tld=1&ipr=y

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 19 Sep 2024 19:49:02 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=28395290078&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2F&Set1=en-CA%7Cen-CA%7C1600x1200%7C24
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=28395290078&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2F&Set1=en-CA%7Cen-CA%7C1600x1200%...

111 B
713 B

45ms
38ms

Script
text/javascript

185.167.164.52
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=28395290078&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2F&Set1=en-CA%7Cen-CA%7C1600x1200%7C24

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Server

185.167.164.52 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

57948cb265a67db2b1e0b61250933cba42c7d2516dd2d6ed80e3ff36e2360268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 184
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2126571&ADFPageName=Remarketing&ADFdivider=%7C&ord=28395290078&ADFtpmode=2&loc=https%3A%2F%2Fwww.stevedaines.com%2F&Set1=en-CA%7Cen-CA%7C1600x1200%7C24
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Thu, 19 Sep 2024 19:49:02 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H3 200 643219762894676 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 139ms
138ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/643219762894676?v=2.9.167&r=stable&domain=www.stevedaines.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

90cae621bdefff527aa5fd60d5beacee8b6e3f1a68a3f67c5c49850539bc0efb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 19 Sep 2024 19:49:03 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=85, mss=1232, tbw=80977, tp=76, tpl=0, uplat=103, ullat=0
pragma: public
x-fb-debug: 8XEVPz53I4Fu3ojFIrDcD26wLIFc3hUQQVAoRY81pXKo0vwE/aIq486CSDKiWSaew1YmDgXnVQRVAYNeJXGUrg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 178ms
36ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1735575306772755&ev=PageView&dl=https%3A%2F%2Fwww.stevedaines.com%2F&rl=&if=false&ts=1726775342969&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726775342967.493207872316295404&ler=empty&cdl=API_unavailable&it=1726775342743&coo=false&rqm=GET

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1316, tbw=2828, tp=-1, tpl=-1, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 19 Sep 2024 19:49:03 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 291ms
149ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1735575306772755&ev=PageView&dl=https%3A%2F%2Fwww.stevedaines.com%2F&rl=&if=false&ts=1726775342969&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726775342967.493207872316295404&ler=empty&cdl=API_unavailable&it=1726775342743&coo=false&rqm=FGET

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416443626144065710"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 19:49:03 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: oQl+fyrt0ZfKrfvYFoInoZE0/uJrRyiwsVYmB9B3r0KPCnpxuBzTw6YLztj1ew5zwlBpwMMtHZofvNParP1/qg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416443626144065710", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=21, mss=1316, tbw=3363, tp=-1, tpl=-1, uplat=112, ullat=1
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 collect
analytics.google.com/g/ 0
0 388ms
301ms Fetch
text/plain 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-R8TWFSBW8Y&gtm=45je49h0v9136553859za200&_p=1726775342195&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=1559570439.1726775343&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.stevedaines.com%2F&dt=Steve%20Daines%20for%20U.S.%20Senate%20%7C%20SteveDaines.com&sid=1726775343&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=2024-09-19T12%3A49%3A02.528-07%3A00&tfd=1564
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8TWFSBW8Y&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.stevedaines.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 19:49:03 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 49ms
47ms Ping
text/plain 142.251.179.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-R8TWFSBW8Y&cid=1559570439.1726775343&gtm=45je49h0v9136553859za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8TWFSBW8Y&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: pd-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.stevedaines.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 19:49:03 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame F213 0
0 67ms
63ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-R8TWFSBW8Y&gacid=1559570439.1726775343&gtm=45je49h0v9136553859za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=0&z=1848375605

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8TWFSBW8Y&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stevedaines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 19:49:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 100ms
99ms Image
image/gif 142.250.65.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-R8TWFSBW8Y&cid=1559570439.1726775343&gtm=45je49h0v9136553859za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=941616417

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 19 Sep 2024 19:49:03 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 p
tr.snapchat.com/ 0
257 B 134ms
89ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: https://www.stevedaines.com
content-length: 0
date: Thu, 19 Sep 2024 19:49:03 GMT
server: API Gateway

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 38ms
37ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643219762894676&ev=PageView&dl=https%3A%2F%2Fwww.stevedaines.com%2F&rl=&if=false&ts=1726775343115&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726775342967.493207872316295404&ler=empty&cdl=API_unavailable&it=1726775342743&coo=false&rqm=GET

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1316, tbw=3216, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 19 Sep 2024 19:49:03 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
848 B 159ms
159ms Image
image/png 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=643219762894676&ev=PageView&dl=https%3A%2F%2Fwww.stevedaines.com%2F&rl=&if=false&ts=1726775343115&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1726775342967.493207872316295404&ler=empty&cdl=API_unavailable&it=1726775342743&coo=false&rqm=FGET

Requested by

Host: www.stevedaines.com
URL: https://www.stevedaines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416443626586068833"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 19:49:03 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: dMoaHI/roK6IDHcWABUuufF7jq/XZm4OaALuSwSewEKEZeA5DoIvt0o9WBwTYVhW/pUOcoL5rF4AqgJCB9rhvQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416443626586068833", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=21, mss=1316, tbw=6608, tp=-1, tpl=-1, uplat=122, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 p
tr6.snapchat.com/ 0
46 B 83ms
79ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.stevedaines.com/

Response headers

via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 19:49:03 GMT
x-envoy-upstream-service-time: 1
server: API Gateway

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/6UI9OrOBYawXgtN2I6IM4N0NO3Vmkebs/ 618 B
1 KB 115ms
44ms Fetch
application/json 13.226.38.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/6UI9OrOBYawXgtN2I6IM4N0NO3Vmkebs/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/6UI9OrOBYawXgtN2I6IM4N0NO3Vmkebs/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-38-199.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d938bd015611f061e457809f8595814264bff9ef245c5f904237735a2b0172e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.stevedaines.com/

Response headers

access-control-max-age: 3000
x-amz-version-id: Hc4hek1BZpiEB0o19QV1OPvGZRH1wQXr
etag: "5a7271a2365923271c1c76944dcc53d6"
age: 2040
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: EJtyLeqTYBTgM1Pzi8mwhziMIbSmMcBr-mX8XAa81d1re_cne2aqhQ==
date: Thu, 19 Sep 2024 19:15:04 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 25 Jul 2024 22:24:42 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 618
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
177 B 395ms
98ms Fetch
application/json 35.166.226.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/6UI9OrOBYawXgtN2I6IM4N0NO3Vmkebs/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.226.67 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-226-67.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.stevedaines.com
content-length: 21
date: Thu, 19 Sep 2024 19:49:03 GMT
content-type: application/json
vary: Origin

POST
H2 200 p
tr.snapchat.com/ 0
45 B 78ms
74ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.stevedaines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: https://www.stevedaines.com
content-length: 0
date: Thu, 19 Sep 2024 19:49:03 GMT
server: API Gateway

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.stevedaines.com
URL: blob:https://www.stevedaines.com/ed9ab53d-08f2-4d9e-a0ba-4bcef91a9181

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 23:41:01	Name: X-AB Value: fac5ecc1f9ad4f1cabf1ec2085b2d197
.stevedaines.com/	1970-01-21 01:49:11	Name: _gcl_au Value: 1.1.1578021336.1726775343
.stevedaines.com/	1970-01-21 09:15:35	Name: _ga Value: GA1.2.1559570439.1726775343
.stevedaines.com/	1970-01-20 23:41:01	Name: _gid Value: GA1.2.646769317.1726775343
.stevedaines.com/	1970-01-20 23:39:35	Name: _dc_gtm_UA-45510217-1 Value: 1
.stevedaines.com/	1970-01-21 09:09:22	Name: _scid Value: 2aEwUYIyOQBESK9m9u-AgCK2_NuaRDIS
.stevedaines.com/	1970-01-21 09:09:22	Name: _scid_r Value: 2aEwUYIyOQBESK9m9u-AgCK2_NuaRDIS
.adform.net/	1970-01-21 00:22:47	Name: C Value: 1
.stevedaines.com/	1970-01-21 01:49:11	Name: _fbp Value: fb.1.1726775342967.493207872316295404
.adform.net/	1970-01-21 01:06:02	Name: uid Value: 5619033196809989023
.stevedaines.com/	1970-01-21 09:15:35	Name: _ga_R8TWFSBW8Y Value: GS1.2.1726775343.1.0.1726775343.60.0.0
.stevedaines.com/	1970-01-20 23:49:40	Name: _ScCbts Value: %5B%5D
.doubleclick.net/	1970-01-21 09:15:35	Name: IDE Value: AHWqTUmVFJu5W3Xf3adayF3ntUHBFZ_fOUQScDSNq9l6oQ4TuRbveKzOAaaJRLyv
.stevedaines.com/	1970-01-21 08:25:11	Name: ajs_anonymous_id Value: 7ec393c7-d558-4049-8329-aa7c4904398b
.snapchat.com/	1970-01-21 09:01:11	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwREAIQgEsIqYAUFW7EZBq7D4+15ecQjnPkUatcjgSWtY0KkbLXYhazwxnoLmQFfT9yt/ZR6e30AAAAA=
.tapad.com/	1970-01-21 01:05:59	Name: TapAd_TS Value: 1726775343824
.tapad.com/	1970-01-21 01:05:59	Name: TapAd_DID Value: 03899fed-f9fa-4c96-b576-85ba2fc7ebdf
.tapad.com/	1970-01-21 01:05:59	Name: TapAd_3WAY_SYNCS Value:
.stevedaines.com/	1970-01-21 09:09:22	Name: _sctr Value: 1%7C1726729200000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.adform.net
analytics.google.com
api.segment.io
cdn.segment.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
s2.adform.net
sc-static.net
stats.g.doubleclick.net
supportstevedaines.com
td.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.stevedaines.com
www.stevedaines.com
104.17.25.14
104.21.27.152
13.226.38.199
142.250.65.174
142.250.65.227
142.250.72.100
142.250.72.110
142.250.80.34
142.250.80.98
142.251.179.154
142.251.35.163
142.251.35.170
142.251.40.200
15.197.225.128
185.167.164.45
185.167.164.52
3.163.245.4
31.13.71.36
31.13.71.7
35.166.226.67
35.190.43.134
40.123.53.189
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11
0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3
12d194e5b8906b28d6d121cb6ffa7591a918e88a053cbd67c3cd30aacfdd3012
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1b69c0d46b0abe418a483ad7500f2ac5df46b5e8302d5a2b6d5dd5ab47b7ba75
23c0fbb5b849bb313096aba07043a423ef00cb1c69dbd0cd3d020d77a257a780
2ad0bcdeda45c15262fe2f189dfdf10dddb770e10a0a882dc8352c4f7ecede99
34b0ca11106fd9fe9fe89e9b18a0e19988b0927848e8ee84796a6817e6852f6f
38401096bffb610f5fcd09a7e8f06439b220d04bba7ef1e1cc9d9d1031298dcc
38c9d32d9458fca5bad7fcb62b9d53346c249061b06a4e3550e7b67e6beb55a9
3bee29ff9c0702f18e4dc2c16f481def8d7dc7f054465d0ee592400c8270c120
416dfabb1ba6878336a0cc23a509cc20cd2203ba0c9e31de37bd64410d18cb8f
43bdc741a39d63ea7941307ed84368023175dddc6f79748578fcc312cf91b874
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f87d30460acafe9bf8d9b95cc2e77cea715c04251a2fb39a3012f83f04d14f3
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
57948cb265a67db2b1e0b61250933cba42c7d2516dd2d6ed80e3ff36e2360268
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da4ddccfc9fa00e4889af706b779c214ed0d36c79cd88e2238334829762fe33
7d938bd015611f061e457809f8595814264bff9ef245c5f904237735a2b0172e
83c0f8684dff5f8ef208d205557d448e939a4b5b76bb589163fe0814cd8c8689
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
90cae621bdefff527aa5fd60d5beacee8b6e3f1a68a3f67c5c49850539bc0efb
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9bdf81bf0ffae2df5e65fbc07d2b3d49a323963ea44470492b4b02a232b8ee7c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bac36d42efeef2ec5edb2d9efcc4a0f42e84e7e2ad0f10444113b4949e5cc73c
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c256c15a40d6d397452697b45b47b8c157a89061c144587120476926d76dcbb5
c885e9f2017a2ed7075db9e876d40a04aa3208114443803bdb120a34afd3b1d6
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04c88b549bde52d5a644e661fd5e370659b80d1db05b28ab2636b76305520a2
fde289672df03d6455bcc48068a53df6f6002f23e9edb1a63bd88da384dbaa2b

www.stevedaines.com Open in urlscan Pro 40.123.53.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

94 %HTTPS

0 %IPv6

18 Domains

23 Subdomains

22 IPs

3 Countries

795 kBTransfer

3597 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.stevedaines.com Open in urlscan Pro
40.123.53.189 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

94 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

22
IPs

3
Countries

795 kB
Transfer

3597 kB
Size

19
Cookies

53 HTTP transactions
0 data transactions