urlscan.io logo urlscan.io
SecurityTrails logo

web.step.app Open in urlscan Pro
2606:4700:20::681a:107  Public Scan

Go To Rescan Add Verdict Report
URL: https://web.step.app/
Submission: On January 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2606:4700:20::681a:107, located in United States and belongs to CLOUDFLARENET, US. The main domain is web.step.app.
TLS certificate: Issued by GTS CA 1P5 on December 17th 2023. Valid for: 3 months.
This is the only time web.step.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2606:4700:20::681a:107 (United States)

ASN13335 (CLOUDFLARENET, US)
web.step.app
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
1    2606:4700:20::ac43:45c4 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-preupdate.step.app
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
widget.intercom.io
2    99.84.88.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-63.muc50.r.cloudfront.net
js.intercomcdn.com
1    52.73.162.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-162-54.compute-1.amazonaws.com
api-iam.intercom.io
1    15.197.143.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com
downloads.intercomcdn.com
Apex Domain
Subdomains		 Transfer
11 step.app
web.step.app
cdn-preupdate.step.app
1 MB
4 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 3647
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 557
1 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2157
downloads.intercomcdn.com — Cisco Umbrella Rank: 12241
399 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
248 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1661
api-iam.intercom.io — Cisco Umbrella Rank: 2016
6 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
306 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6518
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
252 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
54 B
27 9
Domain Requested by
10 web.step.app 1 redirects web.step.app
3 www.googletagmanager.com web.step.app
www.googletagmanager.com
2 js.intercomcdn.com widget.intercom.io
2 firebaseinstallations.googleapis.com web.step.app
2 region1.google-analytics.com www.googletagmanager.com
2 firebase.googleapis.com web.step.app
1 downloads.intercomcdn.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io web.step.app
1 www.google.de web.step.app
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdn-preupdate.step.app web.step.app
27 13

This site contains links to these domains. Also see Links.

Domain
step.app
Subject Issuer Validity Valid
step.app
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
intercom-attachments-9.com
Amazon RSA 2048 M03		 2024-01-18 -
2025-02-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://web.step.app/
Frame ID: 9E844C5FB3010DC13047B5A85C53428D
Requests: 20 HTTP requests in this frame

Frame: https://web.step.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 598AFAB7807B17052F0F3A3616669BB7
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.60152aab.js
Frame ID: 8BE3A2C7BB172A107A0BF7A26F5BBB8A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Step App | Web

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

96 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

2119 kB
Transfer

26335 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://web.step.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://web.step.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
web.step.app/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.step.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2acd41e8d7c9eae2153073e4701d1d55468e572f6b8540ccbe50c2b2edfd9c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type Range User-Agent X-Requested-With
access-control-allow-methods
GET HEAD OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
cache-control
max-age=60, stale-while-revalidate=3600
cdn-cache
REVALIDATED
cdn-cachedat
11/10/2023 19:35:54
cdn-edgestorageid
1082
cdn-proxyver
1.04
cdn-pullzone
972527
cdn-requestcountrycode
DE
cdn-requestid
154083475c83a4ec215d687a57178466
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
cf-cache-status
DYNAMIC
cf-ray
84cca8ff3e199bca-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Sun, 28 Jan 2024 22:26:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ai%2Fx4V1n3C5ijHykIJOJLEB4QCtGgRLlK0Wh02w5iWgnUt33h7yoXItjkK9G1S9IvNP3HOEIIQ7oeO8o5qXPQC8n1orh8igcC7GRiGfDI6AqNz7kLD6P6ptns3On2pNzhee9TeJEhfe5LA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache-status
MISS
x-content-type-options
nosniff
x-ipfs-path
/ipfs/bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq/
x-ipfs-roots
bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq
x-request-id
31ff002119d49716c9e62ef015ac793a
x-xss-protection
0
index-c9afe529.js
web.step.app/assets/ 		1 MB
438 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.step.app/assets/index-c9afe529.js
Requested by
Host: web.step.app
URL: https://web.step.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0814e002ad0ee277700afa57a301fc5d07f2c4c770fe09a814610d9221d8e739
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://web.step.app/
Origin
https://web.step.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
cdn-pullzone
972527
referrer-policy
strict-origin-when-cross-origin
cdn-proxyver
1.04
x-ipfs-roots
bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq,QmdBBkEwXiimSZWn4p9vjkMaLcmQPMFMdUuJqJb6QUtdnM,QmaFfxsksHVKWX9W146kXsNNLtNfJy8X5e4YzNKqAFn6pH
etag
W/"QmaFfxsksHVKWX9W146kXsNNLtNfJy8X5e4YzNKqAFn6pH"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
max-age=14400, stale-while-revalidate=3600
x-ipfs-path
/ipfs/bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq/assets/index-c9afe529.js
cdn-requestcountrycode
DE
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
date
Sun, 28 Jan 2024 22:26:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1080
x-cache-status
MISS
cdn-cachedat
11/10/2023 20:50:00
x-xss-protection
0
x-request-id
b807918a642d39d543ce47b531b46ab1
server
cloudflare
cdn-requestpullcode
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh0UmjylgANX8lsPwSEL36TSqpz2E2zgk9A2IPIBPOQOAWGvyrZE0lSd7WNau1BYN%2B8KTRSjsMB1E0Kevm51g3889YdLdn3quvtOFkwGFYIrKJU2kSDxThtCzUEfzuZMWjF0vsVMRsY88A%3D%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid
5270a71d826bd0b539c5aab9c842c5a1
cf-ray
84cca8ff7e669bca-FRA
cdn-status
200
cdn-requestpullsuccess
True
index-ae585b0b.js
web.step.app/assets/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.step.app/assets/index-ae585b0b.js
Requested by
Host: web.step.app
URL: https://web.step.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37dc41a593d3a8bbc60a873681f169352aede345582f16cbc31bc6b9804f378
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://web.step.app/
Origin
https://web.step.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
cdn-pullzone
972527
referrer-policy
strict-origin-when-cross-origin
cdn-proxyver
1.04
x-ipfs-roots
bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq,QmdBBkEwXiimSZWn4p9vjkMaLcmQPMFMdUuJqJb6QUtdnM,QmWgomjk9TL6qcADTs9iqUYa7KK4x8ZhFPCKVPUvRNYvhX
etag
W/"QmWgomjk9TL6qcADTs9iqUYa7KK4x8ZhFPCKVPUvRNYvhX"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
max-age=14400, stale-while-revalidate=3600
x-ipfs-path
/ipfs/bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq/assets/index-ae585b0b.js
cdn-requestcountrycode
DE
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
date
Sun, 28 Jan 2024 22:26:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1081
x-cache-status
MISS
cdn-cachedat
11/10/2023 20:50:00
x-xss-protection
0
x-request-id
98462e22b4caa9d7e03f164cbd7171ee
server
cloudflare
cdn-requestpullcode
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGKfwj7%2Fn%2Byp2%2FWwkl6AK74u0%2Bwef0hQ4W9tRzLPOG79WuBPyk5K5erBB8AceLqBp6xrM%2FcuMsBbVrAAmcYiB9bUmkwQrDHm%2BOGPQR8fsChaVyxDOSrZQdiUZ2pVeWQQjH%2FJqdtxa%2BLvkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid
442dc7cb94691c83fabe05e485078acc
cf-ray
84cca8ff7e699bca-FRA
cdn-status
200
cdn-requestpullsuccess
True
index-9b097a67.css
web.step.app/assets/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.step.app/assets/index-9b097a67.css
Requested by
Host: web.step.app
URL: https://web.step.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b097a67faef1025bf62951c36e586916f2ed519cadb4c1cd0f47c3653e67e57
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
cdn-pullzone
972527
referrer-policy
strict-origin-when-cross-origin
cdn-proxyver
1.04
x-ipfs-roots
bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq,QmdBBkEwXiimSZWn4p9vjkMaLcmQPMFMdUuJqJb6QUtdnM,QmVSieWYVnZ1KfBYTLLyW5KRqC37mDarmpeqAZ5fh3KAkr
etag
W/"QmVSieWYVnZ1KfBYTLLyW5KRqC37mDarmpeqAZ5fh3KAkr"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=14400, stale-while-revalidate=3600
x-ipfs-path
/ipfs/bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq/assets/index-9b097a67.css
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Sun, 28 Jan 2024 22:26:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1082
x-cache-status
MISS
cdn-cachedat
11/10/2023 20:50:00
x-xss-protection
0
x-request-id
04f04c1b2c5e01b536db591f293f19e1
server
cloudflare
cdn-requestpullcode
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yncxa7abhqE4BtJh8SxiVPXEjxrAhg2xO7itnYGxvkeINWwT1Y7JIzJ6buJWN06dg8bj0Dkf25%2BdXxxi7INr31m6%2BYe81v8OA935Z%2FiHpUBBbVHBOUlmI6b3SUWK8pUL%2FER0EytEqFcfBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid
e043cf2b4b2bda2237327816e75db113
cf-ray
84cca8ff7e659bca-FRA
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3766Q8BJM3
Requested by
Host: web.step.app
URL: https://web.step.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cff2fcbec823f107c777c3947d7824f455ac506d2739da26842db0fec717a08f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 22:26:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93811
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 22:26:59 GMT
main.js
web.step.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 598A
Redirect Chain
  • https://web.step.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://web.step.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.step.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Requested by
Host: web.step.app
URL: https://web.step.app/
Protocol
H2
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8735f0e62ca354528d13eee6450727b8a0c8120e476ef534d1ecccd2afdb7471
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 22:26:59 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOthd8ocYfunBq6QWCYVFIR3pyq%2Byt2V%2BRHKUBJRB90tWKrzhW7XIE9l%2F%2BYM9y0KPkFaxsM7ndC8EZB7F4reEDOCicDmPi7KdKFYNRYWirL4wDfrUSBgjgXrSk6IRAj84l16ilTJOVUCeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84cca900bf9f9bca-FRA

Redirect headers

date
Sun, 28 Jan 2024 22:26:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFFysDQgey8wXC6qjRN3pzivTyNkEl2%2F4DKVkJGiCvkrDW9jrIytDqbDX7Mmh2K9nzz3LGnxV8WbDcL0Eelr7ERKUgQy8s6xoHP3b6wS0Xt6wvmp%2BDitQBT7yXknEWC31l7U5fp0tJHMTg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
84cca9008f6a9bca-FRA
SignIn-6820b114.js
web.step.app/assets/ 		744 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.step.app/assets/SignIn-6820b114.js
Requested by
Host: web.step.app
URL: https://web.step.app/assets/index-c9afe529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dbd2763b4a4737449edde1b2101a203519474ca89bde86bd64712f29fc6b197
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://web.step.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
cdn-pullzone
972527
referrer-policy
strict-origin-when-cross-origin
cdn-proxyver
1.04
x-ipfs-roots
bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq,QmdBBkEwXiimSZWn4p9vjkMaLcmQPMFMdUuJqJb6QUtdnM,QmekTJNfotERkkHq5SorMNaFQWDAb5ViwNzaAjgqtjKBkw
etag
W/"QmekTJNfotERkkHq5SorMNaFQWDAb5ViwNzaAjgqtjKBkw"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
max-age=14400, stale-while-revalidate=3600
x-ipfs-path
/ipfs/bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq/assets/SignIn-6820b114.js
cdn-requestcountrycode
DE
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
date
Sun, 28 Jan 2024 22:26:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1082
x-cache-status
MISS
cdn-cachedat
11/10/2023 20:50:02
x-xss-protection
0
x-request-id
27fc8bed687cc2a6e2d62776f61c378c
server
cloudflare
cdn-requestpullcode
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5b%2FeBpfe49kH%2FT8iABmNQU%2FgZW8xFPV0334yc65oHjbAwmg0COv4d1T%2BqrdrTuFUjqocQKMv2c5sLXeQxuSwE5SsDO%2B9%2F6HSxK82B3U8IKFX0kct83BNvbAOtRWLiQnuaEi5Vn1qZB0h0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid
2f58b94b5892d76d99e936f645ab05df
cf-ray
84cca900bf929bca-FRA
cdn-status
200
cdn-requestpullsuccess
True
SignIn-8f0ff971.css
web.step.app/assets/ 		255 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.step.app/assets/SignIn-8f0ff971.css
Requested by
Host: web.step.app
URL: https://web.step.app/assets/index-c9afe529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0ff9718d1973647c89520a8c0ab19e8390bf0722bbb4813b715740b68b7c7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
cdn-pullzone
972527
referrer-policy
strict-origin-when-cross-origin
cdn-proxyver
1.04
x-ipfs-roots
bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq,QmdBBkEwXiimSZWn4p9vjkMaLcmQPMFMdUuJqJb6QUtdnM,QmZKu1StPwUJ15tQWV822NXxcvGUBLgBkjx3RcLsURJyM6
etag
W/"QmZKu1StPwUJ15tQWV822NXxcvGUBLgBkjx3RcLsURJyM6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=14400, stale-while-revalidate=3600
x-ipfs-path
/ipfs/bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq/assets/SignIn-8f0ff971.css
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Sun, 28 Jan 2024 22:26:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1082
x-cache-status
MISS
cdn-cachedat
11/10/2023 20:50:02
x-xss-protection
0
x-request-id
691cf715efd160b5ae463416254ead99
server
cloudflare
cdn-requestpullcode
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7t66fw3kAVnh7BdLl3jMRcwtROMDgznN4zeXsQzWDVqv2HxXPwpvwBvnpwFykoZ5nzeQSUYl9PeB6xMjAUiJ1H4%2BTMOBzqqNKqUeQFKT7QXBPvzxhKLFrDXcgV4U%2FD2AlB6A03bNZjjlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid
a63ce01f34c222612a6b3f341af401f8
cf-ray
84cca900bf919bca-FRA
cdn-status
200
cdn-requestpullsuccess
True
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:547422727598:web:689a7f93cec4f6a305ec3f/ 		355 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:547422727598:web:689a7f93cec4f6a305ec3f/webConfig
Requested by
Host: web.step.app
URL: https://web.step.app/assets/index-c9afe529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22d93c8e5f1a17e13b09c7ae2760287147d1291ec1adcc6a7814ab5246e1b870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://web.step.app/
x-goog-api-key
AIzaSyD8XRCLUrS4ypRFN6Oubg0nfxNrECVmbWQ
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 22:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://web.step.app
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
238
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:547422727598:web:689a7f93cec4f6a305ec3f/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:547422727598:web:689a7f93cec4f6a305ec3f/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://web.step.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://web.step.app
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 28 Jan 2024 22:26:59 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
statics.json
cdn-preupdate.step.app/statics/latest/ 		22 MB
957 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-preupdate.step.app/statics/latest/statics.json
Requested by
Host: web.step.app
URL: https://web.step.app/assets/index-c9afe529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://web.step.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc61
date
Sun, 28 Jan 2024 22:26:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cached-since
2024-01-28T05:37:30+00:00
x-id-fe
fr5-hw-edge-gc8
last-modified
Tue, 16 Jan 2024 04:20:16 GMT
server
cloudflare
traceparent
00-cf4b234dd8c26684e9803c4690f46f9a-e5f3aaa62ffa304c-01
etag
W/"65a60400-161dd90"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um%2BLUl95qS7da2F3uWsX34%2FCmkgzy8NPG7YRD%2FYLKTAI%2BybCTiMf1awIgf3ZoucBrxv5Mj6%2F3kjB4DgU8nG3PZbFeYq5vOzNjcu1FmdPxtLqP%2FZ1o4D6fWVHPvdh2F6ZRlHqpQyd8a7JpXgiqwTST7HhRK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache
HIT
cf-ray
84cca900f9e64d25-FRA
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3766Q8BJM3&gtm=45je41o0v9165619434&_p=1706480819157&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1988782110.1706480819&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706480819&sct=1&seg=0&dl=https%3A%2F%2Fweb.step.app%2F&dt=Step%20App%20%7C%20Web&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=334
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3766Q8BJM3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 22:26:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://web.step.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
84cca8ff3e199bca
web.step.app/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 598A 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.step.app/cdn-cgi/challenge-platform/h/g/jsd/r/84cca8ff3e199bca
Requested by
Host: web.step.app
URL: https://web.step.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 28 Jan 2024 22:26:59 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
84cca90138289bca-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXlpmcZEKjdoBrEMBYr8U%2F9lVYlNcws0f80jdC%2BfYK9Obm068ITsJaBWIn9mjZeT0xf%2B4jJsTzOlAK7Qinx3Zdr8aArZkiWW3RczjFbPSuNXz4AWnON3Ue2Qi1uLLTh1t1u0wO6piEV2VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
SFMono-Bold-87372509.woff2
web.step.app/assets/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://web.step.app/assets/SFMono-Bold-87372509.woff2
Requested by
Host: web.step.app
URL: https://web.step.app/assets/index-9b097a67.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873725099b93f7fd673da33d265b55a73dee159f25c1619cb11cf54094f9b4c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://web.step.app/assets/index-9b097a67.css
Origin
https://web.step.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
cdn-pullzone
972527
referrer-policy
strict-origin-when-cross-origin
cdn-proxyver
1.04
x-ipfs-roots
bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq,QmdBBkEwXiimSZWn4p9vjkMaLcmQPMFMdUuJqJb6QUtdnM,QmRUJyHLiehuBNz86sjjhMESnYRHmPwfCLGUTVr1oLXYHe
etag
"QmRUJyHLiehuBNz86sjjhMESnYRHmPwfCLGUTVr1oLXYHe"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
REVALIDATED
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=14400, stale-while-revalidate=3600
x-ipfs-path
/ipfs/bafybeieevl3bvviuteliio2xc2soubqbwjpobifietvgvmt65kjha5mfhq/assets/SFMono-Bold-87372509.woff2
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Sun, 28 Jan 2024 22:26:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1080
x-cache-status
MISS
cdn-cachedat
01/04/2024 09:42:06
content-length
44888
x-xss-protection
0
x-request-id
4273eae5a93c9df69d2eb1d03cbabd5c
server
cloudflare
cdn-requestpullcode
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DP4yWZNJhgd2nToyBHsdCgrgklBG6Jd6Rks%2Bt2xP8Mo%2BuJkHjhwO8bn%2FhjNXZsmJr9bhIyTlO4d45A98oNH57OLxDViSAW3yFTER7qB9RE%2BCkX3WG%2BGL0ryD8UwjftKe9fJmPwX1CGKvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
cdn-requestid
9d7e731d3ef0a02b6daab6c038d11289
accept-ranges
bytes
cf-ray
84cca9038ab09bca-FRA
cdn-status
200
cdn-requestpullsuccess
True
installations
firebaseinstallations.googleapis.com/v1/projects/step-app-2bacf/ 		622 B
677 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/step-app-2bacf/installations
Requested by
Host: web.step.app
URL: https://web.step.app/assets/index-c9afe529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05b2966cf1cf99b375e585d0a08124a2d7fb68e7e84e5459e60ad3d841d9ebd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://web.step.app/
x-goog-api-key
AIzaSyD8XRCLUrS4ypRFN6Oubg0nfxNrECVmbWQ
accept-language
de-DE,de;q=0.9
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMCBmaXJlLWNvcmUtZXNtMjAxNy8wLjkuMCBmaXJlLWpzLyBmaXJlLWlpZC8wLjYuMCBmaXJlLWlpZC1lc20yMDE3LzAuNi4wIGZpcmUtYW5hbHl0aWNzLzAuOS4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC45LjAgZmlyZS1qcy1hbGwtYXBwLzkuMTUuMCIsImRhdGVzIjpbIjIwMjQtMDEtMjgiXX1dfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Sun, 28 Jan 2024 22:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://web.step.app
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
487
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/step-app-2bacf/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/step-app-2bacf/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://web.step.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://web.step.app
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 28 Jan 2024 22:26:59 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-M830R3N37B
Requested by
Host: web.step.app
URL: https://web.step.app/assets/index-c9afe529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d01ce701f99f9bf0befeb065d927d983e0450a8ca5f77d16b1ff4cf29c17deb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 22:26:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79983
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 22:26:59 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M830R3N37B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3766Q8BJM3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6068238a358deb328d112d6904304916b20cbffa5901994b4a2413a8344b00cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 22:26:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79870
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 22:26:59 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-M830R3N37B&gtm=45je41o0v9115484297&_p=1706480819157&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&_fid=dSjeZ77UUxhrUczNW8WocI&cid=1988782110.1706480819&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706480820&sct=1&seg=0&dl=https%3A%2F%2Fweb.step.app%2F&dt=Step%20App%20%7C%20Web&en=page_view&_fv=1&_ss=2&_ee=1&ep.origin=firebase&tfd=1702
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M830R3N37B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 22:27:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://web.step.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M830R3N37B&cid=1988782110.1706480819&gtm=45je41o0v9115484297&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M830R3N37B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 22:27:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://web.step.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M830R3N37B&cid=1988782110.1706480819&gtm=45je41o0v9115484297&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1102067035
Requested by
Host: web.step.app
URL: https://web.step.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 22:27:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abikvo75
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/abikvo75
Requested by
Host: web.step.app
URL: https://web.step.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95cfdeff5e87410261b41c4fd0aef29eb6ab061a4d2da9a3ccdb5f81113b42e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
dw7rX1zCXCqIqpjPTx599dg3Mx.SaiSH
content-encoding
gzip
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 22:24:42 GMT
x-amz-cf-pop
FRA56-C2
age
146
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2707
last-modified
Fri, 26 Jan 2024 17:37:11 GMT
server
AmazonS3
etag
"692f0c332aca27cbf85d03608b2502bf"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
QWmjajTfFDmVXGXxOWiOMRMu31QWpCVJ8HGLOOsxBcNZ5kN7GWBMig==
frame-modern.60152aab.js
js.intercomcdn.com/ Frame 8BE3 		878 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.60152aab.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/abikvo75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-63.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
953bb1b46dbd19e477b3d3c9f54b8e521330eecdd93c9385d0f0c6ce1ceb3c3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
Srrg5D4PJk7IXEIs5c5d3z6QGvokWOMk
content-encoding
gzip
via
1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 20:31:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-C1
age
6954
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
255218
last-modified
Fri, 26 Jan 2024 17:34:33 GMT
server
AmazonS3
etag
"e09b60d38402ad6356d80ad953a75150"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
CqeoS8HlIdoTuWksPqJyxvSkEHtjU-LqpbDIiA4ySdxAoBB3SbkveQ==
vendor-modern.c93438f4.js
js.intercomcdn.com/ Frame 8BE3 		458 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.c93438f4.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/abikvo75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-63.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bc3d8790dd96d6ddd96469f44a181b79daf78402bfdac1a1784e4668cb8d63d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
pBL35HpONOV9ZtiwidENkbi5PnfmwItY
content-encoding
gzip
via
1.1 ac90d46be219b2aa8a23e6982405715c.cloudfront.net (CloudFront)
date
Sun, 28 Jan 2024 21:22:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-C1
age
3871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
143979
last-modified
Thu, 25 Jan 2024 17:38:33 GMT
server
AmazonS3
etag
"23075e5e0dab5434e3872365e9ccbba4"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
6YWywx4XChlMphTF0KCuGdU5OETYT-LNUaBbZ5DdavdUjasRUXjeQQ==
ping
api-iam.intercom.io/messenger/web/ Frame 8BE3 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.60152aab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.73.162.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-162-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ff8692628db96d1f808e249c18e6b03ec959f055b2a1cf271664a5b63448af02
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 28 Jan 2024 22:27:01 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-005b0ebb3336c597a
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0023b8cjdkkjmdsnntq0
x-runtime
0.303402
server
nginx
etag
W/"ff8692628db96d1f808e249c18e6b03e"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://web.step.app
x-intercom-version
5f2b1b9ab71c034a51f76fb30c3084ca0ac1f916
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
1bf1cb0ca87a05407f159a07264fa0b5.png
downloads.intercomcdn.com/i/o/466034/f0c0b45e3422e1a261987507/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://downloads.intercomcdn.com/i/o/466034/f0c0b45e3422e1a261987507/1bf1cb0ca87a05407f159a07264fa0b5.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.197.143.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a69d63ecdf0f33068.awsglobalaccelerator.com
Software
nginx /
Resource Hash
9c0406e9a552bece8e09615337f53d1b67106a0c9a34178cbbe5f1551d38913d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 22:27:01 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-005b0ebb3336c597a
content-security-policy
default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status
200 OK
content-transfer-encoding
binary
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="1bf1cb0ca87a05407f159a07264fa0b5.png"; filename*=UTF-8''1bf1cb0ca87a05407f159a07264fa0b5.png
x-xss-protection
1; mode=block
x-request-id
0023rpovkmhc7rtl9q20
x-runtime
0.104004
last-modified
Fri, 01 Dec 2023 14:46:52 GMT
server
nginx
x-request-queueing
0
vary
Accept-Encoding
x-frame-options
deny
content-type
image/png
x-intercom-version
5f2b1b9ab71c034a51f76fb30c3084ca0ac1f916
cache-control
max-age=86400, private
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3766Q8BJM3&gtm=45je41o0v9165619434&_p=1706480819157&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1988782110.1706480819&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706480819&sct=1&seg=0&dl=https%3A%2F%2Fweb.step.app%2F&dt=Step%20App%20%7C%20Web&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5338
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3766Q8BJM3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://web.step.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 22:27:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://web.step.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| gtag object| dataLayer object| intercomSettings function| Intercom function| IMask function| Buffer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| __intercomAssignLocation function| __intercomReloadLocation

7 Cookies

Domain/Path Name / Value
.step.app/ Name: _ga
Value: GA1.1.1988782110.1706480819
.step.app/ Name: _ga_3766Q8BJM3
Value: GS1.1.1706480819.1.0.1706480819.0.0.0
.step.app/ Name: cf_clearance
Value: 3hHdVEGFmZnJK3_P_nULf5TWxveO.ymX8unPJTc5f88-1706480819-1-ARb1Pk3HQ+DmLSTINqgrxUkJGREBpGNshm33CA12xn2E0gtEW1L9WPdMOX5r/pa8YoR5ChSgPnoPrRpE2ykBIp0=
.step.app/ Name: _ga_M830R3N37B
Value: GS1.1.1706480820.1.0.1706480820.60.0.0
.step.app/ Name: intercom-id-abikvo75
Value: 397035a6-3396-4595-9c8b-b581dbf60ea0
.step.app/ Name: intercom-session-abikvo75
Value:
.step.app/ Name: intercom-device-id-abikvo75
Value: b6374fe5-93bf-42cb-9e52-89fb8ca73082

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
cdn-preupdate.step.app
downloads.intercomcdn.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
js.intercomcdn.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
web.step.app
widget.intercom.io
www.google.de
www.googletagmanager.com
13.32.27.21
15.197.143.135
2001:4860:4802:32::36
2606:4700:20::681a:107
2606:4700:20::ac43:45c4
2a00:1450:4001:806::200a
2a00:1450:4001:810::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9c
52.73.162.54
99.84.88.63
05b2966cf1cf99b375e585d0a08124a2d7fb68e7e84e5459e60ad3d841d9ebd9
0814e002ad0ee277700afa57a301fc5d07f2c4c770fe09a814610d9221d8e739
22d93c8e5f1a17e13b09c7ae2760287147d1291ec1adcc6a7814ab5246e1b870
2dbd2763b4a4737449edde1b2101a203519474ca89bde86bd64712f29fc6b197
4d01ce701f99f9bf0befeb065d927d983e0450a8ca5f77d16b1ff4cf29c17deb
6068238a358deb328d112d6904304916b20cbffa5901994b4a2413a8344b00cb
7bc3d8790dd96d6ddd96469f44a181b79daf78402bfdac1a1784e4668cb8d63d
8735f0e62ca354528d13eee6450727b8a0c8120e476ef534d1ecccd2afdb7471
873725099b93f7fd673da33d265b55a73dee159f25c1619cb11cf54094f9b4c0
8f0ff9718d1973647c89520a8c0ab19e8390bf0722bbb4813b715740b68b7c7c
953bb1b46dbd19e477b3d3c9f54b8e521330eecdd93c9385d0f0c6ce1ceb3c3f
95cfdeff5e87410261b41c4fd0aef29eb6ab061a4d2da9a3ccdb5f81113b42e9
9b097a67faef1025bf62951c36e586916f2ed519cadb4c1cd0f47c3653e67e57
9c0406e9a552bece8e09615337f53d1b67106a0c9a34178cbbe5f1551d38913d
a37dc41a593d3a8bbc60a873681f169352aede345582f16cbc31bc6b9804f378
cff2fcbec823f107c777c3947d7824f455ac506d2739da26842db0fec717a08f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2acd41e8d7c9eae2153073e4701d1d55468e572f6b8540ccbe50c2b2edfd9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff8692628db96d1f808e249c18e6b03ec959f055b2a1cf271664a5b63448af02