www.dailypay.com Open in urlscan Pro
2600:9000:21f3:3c00:1:f007:ac00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dailypay.com/
Effective URL:
https://www.dailypay.com/
Submission: On August 13 via api (August 13th 2021, 11:02:50 am UTC) from CH

Summary HTTP 256 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 64 IPs in 6 countries across 51 domains to perform 256 HTTP transactions. The main IP is 2600:9000:21f3:3c00:1:f007:ac00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.dailypay.com.
TLS certificate: Issued by Amazon on November 5th 2020. Valid for: a year.

This is the only time www.dailypay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.224.193.88 13.224.193.88	16509 (AMAZON-02) (AMAZON-02)
1 3	2600:9000:21f... 2600:9000:21f3:3c00:1:f007:ac00:93a1	16509 (AMAZON-02) (AMAZON-02)
49	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:29e::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:600:13:c079:7880:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	68.67.153.53 68.67.153.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
64	13.224.193.114 13.224.193.114	16509 (AMAZON-02) (AMAZON-02)
12	51.178.78.162 51.178.78.162	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6814:14ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.106.112.186 172.106.112.186	40676 (AS40676) (AS40676)
1	34.198.11.176 34.198.11.176	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3036::ac43:c834	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.235.84.161 205.235.84.161	62947 (IMDC-AS1) (IMDC-AS1)
1	2606:4700::68... 2606:4700::6811:81ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:ae00:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	44.239.184.180 44.239.184.180	16509 (AMAZON-02) (AMAZON-02)
12	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	199.232.80.84 199.232.80.84	54113 (FASTLY) (FASTLY)
2	54.184.88.159 54.184.88.159	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	52.201.132.210 52.201.132.210	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2606:4700:20:... 2606:4700:20::ac43:44a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.255.138.57 34.255.138.57	16509 (AMAZON-02) (AMAZON-02)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
1	54.218.243.92 54.218.243.92	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	3.225.10.210 3.225.10.210	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.253.150.6 34.253.150.6	16509 (AMAZON-02) (AMAZON-02)
2	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
14	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	34.193.113.164 34.193.113.164	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.193.102 13.224.193.102	16509 (AMAZON-02) (AMAZON-02)
2	34.234.150.139 34.234.150.139	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
256	64

1 13.224.193.88 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-88.fra2.r.cloudfront.net

dailypay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:3c00:1:f007:ac00:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.dailypay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

d6s3i7h4.rocketcdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:29e::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

10697569.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:600:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.53 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: one.progmxs.pxlsrv.net

one.progmxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.89 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 13.224.193.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-114.fra2.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 51.178.78.162 (France)

ASN16276 (OVH, FR)
PTR: ns3165917.ip-51-178-78.eu

serve.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audience.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.106.112.186 (Ashburn, United States)

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net

meta.resetdigital.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.11.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-11-176.compute-1.amazonaws.com

app.fivetier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c834 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.235.84.161 (United States)

ASN62947 (IMDC-AS1, US)

udxsva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:81ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ae00:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.239.184.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-184-180.us-west-2.compute.amazonaws.com

gw.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.184.88.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-88-159.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.132.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-132-210.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:44a1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-54-218-243-92.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.138.57 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-138-57.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.243.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-243-92.us-west-2.compute.amazonaws.com

v4-api-54-218-243-92.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.10.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-10-210.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.150.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-150-6.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flow.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.193.113.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-113-164.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-102.fra2.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.150.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-150-139.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	driftt.com js.driftt.com	755 KB
49	rocketcdn.me d6s3i7h4.rocketcdn.me	932 KB
19	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com flow.api.drift.com	7 KB
12	facebook.com www.facebook.com	826 B
12	nrich.ai serve.nrich.ai tag.nrich.ai audience.nrich.ai	25 KB
10	doubleclick.net 1 redirects 10697569.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	6 KB
7	google.de 1 redirects www.google.de adservice.google.de	1 KB
7	google.com www.google.com adservice.google.com	904 B
5	facebook.net connect.facebook.net	314 KB
5	googletagmanager.com www.googletagmanager.com	218 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	b2c.com 1 redirects api-54-218-243-92.b2c.com v4-api-54-218-243-92.b2c.com	7 KB
4	hubspot.com api.hubspot.com track.hubspot.com forms.hubspot.com	3 KB
4	oribi.io cdn.oribi.io gw.oribi.io	36 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	dailypay.com 2 redirects dailypay.com www.dailypay.com	65 KB
3	gstatic.com fonts.gstatic.com	43 KB
3	pinterest.com ct.pinterest.com	1005 B
3	crazyegg.com script.crazyegg.com	23 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	87 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	sentry.io sentry.io	806 B
2	adsrvr.org 1 redirects insight.adsrvr.org	407 B
2	leadsrx.com app.leadsrx.com	17 KB
2	resetdigital.co meta.resetdigital.co	2 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	pinimg.com s.pinimg.com	18 KB
2	googleadservices.com www.googleadservices.com	28 KB
2	fontawesome.com use.fontawesome.com	147 KB
1	imgix.net driftt.imgix.net	3 KB
1	driftcdn.com embeds.driftcdn.com	8 KB
1	hubapi.com api.hubapi.com	983 B
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	629 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	hsforms.com forms.hsforms.com	505 B
1	lfeeder.com sc.lfeeder.com	8 KB
1	hsleadflows.net js.hsleadflows.net	85 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	usemessages.com js.usemessages.com	21 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	udxsva.com udxsva.com	194 B
1	fouanalytics.com api.fouanalytics.com	984 B
1	fivetier.com app.fivetier.com	3 KB
1	zoominfo.com ws.zoominfo.com	490 B
1	progmxs.com 1 redirects one.progmxs.com	220 B
1	hs-scripts.com js.hs-scripts.com	1 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.net js.hsforms.net	145 KB
256	51

	Domain	Requested by
64	js.driftt.com	www.dailypay.com js.driftt.com
49	d6s3i7h4.rocketcdn.me	www.dailypay.com d6s3i7h4.rocketcdn.me
12	www.facebook.com	www.dailypay.com connect.facebook.net
6	targeting.api.drift.com	js.driftt.com
6	metrics.api.drift.com	js.driftt.com
6	tag.nrich.ai	www.dailypay.com
6	www.google.de	www.dailypay.com
6	www.google.com	www.dailypay.com
5	connect.facebook.net	www.dailypay.com connect.facebook.net
5	www.googletagmanager.com	www.dailypay.com www.googletagmanager.com js.hsadspixel.net
4	audience.nrich.ai	tag.nrich.ai www.dailypay.com
4	googleads.g.doubleclick.net	www.googleadservices.com
4	10697569.fls.doubleclick.net	1 redirects www.googletagmanager.com www.dailypay.com adservice.google.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	bootstrap.api.drift.com	js.driftt.com
3	api-54-218-243-92.b2c.com	1 redirects www.dailypay.com
3	ct.pinterest.com	s.pinimg.com www.dailypay.com
3	gw.oribi.io	cdn.oribi.io
3	script.crazyegg.com	d6s3i7h4.rocketcdn.me script.crazyegg.com
3	www.dailypay.com	1 redirects www.dailypay.com
2	flow.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	fonts.googleapis.com	js.driftt.com
2	sentry.io	js.driftt.com
2	errors.client.optimizely.com	cdn.optimizely.com
2	px.ads.linkedin.com	2 redirects
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	app.leadsrx.com	www.dailypay.com app.leadsrx.com
2	api.hubspot.com	js.usemessages.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	meta.resetdigital.co	www.googletagmanager.com www.dailypay.com
2	serve.nrich.ai	www.dailypay.com serve.nrich.ai
2	secure.adnxs.com	1 redirects www.dailypay.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.googleadservices.com	www.googletagmanager.com
2	use.fontawesome.com	d6s3i7h4.rocketcdn.me
1	driftt.imgix.net	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	track.hubspot.com
1	px4.ads.linkedin.com	www.dailypay.com
1	www.linkedin.com	1 redirects
1	v4-api-54-218-243-92.b2c.com	www.dailypay.com
1	d1eoo1tco6rr5e.cloudfront.net	10697569.fls.doubleclick.net
1	bpi.rtactivate.com	www.dailypay.com
1	adservice.google.de	1 redirects
1	forms.hsforms.com	www.dailypay.com
1	adservice.google.com	10697569.fls.doubleclick.net
1	sc.lfeeder.com	www.dailypay.com
1	js.hsleadflows.net	d6s3i7h4.rocketcdn.me
1	js.hs-analytics.net	d6s3i7h4.rocketcdn.me
1	js.usemessages.com	d6s3i7h4.rocketcdn.me
1	js.hsadspixel.net	d6s3i7h4.rocketcdn.me
1	js.hs-banner.com	d6s3i7h4.rocketcdn.me
1	js.hscollectedforms.net	d6s3i7h4.rocketcdn.me
1	udxsva.com	www.dailypay.com
1	api.fouanalytics.com	www.googletagmanager.com
1	app.fivetier.com	www.dailypay.com
1	ws.zoominfo.com	www.dailypay.com
1	rum-static.pingdom.net	www.googletagmanager.com
1	one.progmxs.com	1 redirects
1	cdn.oribi.io	www.dailypay.com
1	js.hs-scripts.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	js.hsforms.net	www.dailypay.com
1	cdn.optimizely.com	www.dailypay.com
1	dailypay.com	1 redirects
256	70

This site contains links to these domains. Also see Links.

Domain
my.dailypay.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
*.dailypay.com Amazon	`2020-11-05` - `2021-12-06`	a year	crt.sh
*.rocketcdn.me R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
oribi.io Amazon	`2021-06-18` - `2022-07-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.nrich.ai AlphaSSL CA - SHA256 - G2	`2020-12-03` - `2022-01-04`	a year	crt.sh
*.pingdom.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-15` - `2022-01-15`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
data.resetdigital.co R3	`2021-08-07` - `2021-11-05`	3 months	crt.sh
app.fivetier.com R3	`2021-06-29` - `2021-09-27`	3 months	crt.sh
udxsva.com Go Daddy Secure Certificate Authority - G2	`2020-03-03` - `2022-05-02`	2 years	crt.sh
*.lfeeder.com Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.oribi.io Amazon	`2021-06-22` - `2022-07-21`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.leadsrx.com GeoTrust RSA CA 2018	`2020-03-26` - `2022-04-13`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.b2c.com R3	`2021-07-28` - `2021-10-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
errors.client.optimizely.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.dailypay.com/
Frame ID: 5110B558B29B20CC3A6049143E71749A
Requests: 160 HTTP requests in this frame

Frame: https://10697569.fls.doubleclick.net/activityi;dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F
Frame ID: 698B5089FF648D21918E365C55BFD18C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F
Frame ID: 27B3E35951CF5CC169FDFB2346DF247F
Requests: 1 HTTP requests in this frame

Frame: https://10697569.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F
Frame ID: 67A7F36B540B4FA12150F4D421303FB7
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/157se82/ub6s8qh/iframe
Frame ID: A4221554663685C2A7A9F022CA670333
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
Frame ID: F54077A83348109EB30C50401B88E579
Requests: 44 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
Frame ID: 52B5069939DF4E2C1C6F8DAB8DCAEB64
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

On Demand Pay Provider | DailyPay

Page URL History Show full URLs

http://dailypay.com/ HTTP 301
http://www.dailypay.com/ HTTP 301
https://www.dailypay.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tracker\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

256
Requests

100 %
HTTPS

62 %
IPv6

51
Domains

70
Subdomains

64
IPs

6
Countries

3103 kB
Transfer

8809 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://my.dailypay.com/
Title: Sign up

Search URL Search Domain Scan URL

URL: https://my.dailypay.com/welcome
Title: Employee Sign Up

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dailypay
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/dailypay
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dailypay-inc/
Title: Linked in

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dailypay/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOHcuqx2v4Yqpm1bdt1AMWA
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dailypay.com/ HTTP 301
http://www.dailypay.com/ HTTP 301
https://www.dailypay.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://10697569.fls.doubleclick.net/activityi;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F HTTP 302
https://10697569.fls.doubleclick.net/activityi;dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F

Request Chain 65

https://one.progmxs.com/seg?add=23063136&t=1 HTTP 302
https://secure.adnxs.com/seg?add=23063136&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23063136%26t%3D1

Request Chain 111

https://adservice.google.de/ddm/fls/i/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F HTTP 302
https://10697569.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F

Request Chain 123

https://insight.adsrvr.org/tags/157se82/ub6s8qh/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/157se82/ub6s8qh/iframe

Request Chain 137

https://api-54-218-243-92.b2c.com/api/x?VqRemB2nw3QEHJAB$dXJsJDAkaHR0cHM6Ly93d3cuZGFpbHlwYXkuY29tLyIsInJlZmVycmVyJDAkIiwiYW5jZXN0b3JPcmlnaW5zJDAkIiwidmlkZW8kMCQxNjAweDEyMDB4MjQiLCJmcmFtZSQwJDAiLCJoaWRkZW4kMCQwIiwidmlzaWJpbGl0eVN0YXRlJDAkdmlzaWJsZSIsImhhc0ZvY3VzJDAkMSIsIndpbmRvdyQwJDE2MDB4MTIwMCIsInBpeGVscmF0aW8kMCQxIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQwJEVycm9yOiBUeXBlRXJyb3I6IENhbm5vdCByZWFkIHByb3BlcnR5ICdzZXRJdGVtJyBvZiBudWxsIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDEkdHJ1ZSIsImRvTm90VHJhY2skMSQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDEkMTYiLCJsYW5ndWFnZSQxJGVuLVVTIiwicGxhdGZvcm0kMSRMaW51eCB4ODZfNjQiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJzZW5kQmVhY29uJDEkMSIsInVzZXJBZ2VudCQxJE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwiZm9udHJlbmRlciQyMCQxIiwid2ViZ2wkMjQkbi9hIiwidGltZSQyNCQxNjI4ODUyNTQ4NTY0IiwidGltZXpvbmUkMjQkLTEyMCIsInBsdWdpbnMkMjQkTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkMjUkMTguMiIsIm1lbS11c2VkSlNIZWFwU2l6ZSQyNSQxNi4xIiwibWVtLWpzSGVhcFNpemVMaW1pdCQyNSQzNzYwIiwidGltZS1mZXRjaFN0YXJ0JDI1JDE2MiIsInRpbWUtZG9tYWluTG9va3VwU3RhcnQkMjUkMTY3IiwidGltZS1kb21haW5Mb29rdXBFbmQkMjUkMTY3IiwidGltZS1jb25uZWN0U3RhcnQkMjUkMTY3IiwidGltZS1jb25uZWN0RW5kJDI1JDIwMiIsInRpbWUtc2VjdXJlQ29ubmVjdGlvblN0YXJ0JDI1JDE4MiIsInRpbWUtcmVxdWVzdFN0YXJ0JDI1JDIwMiIsInRpbWUtcmVzcG9uc2VTdGFydCQyNSQyMjMiLCJ0aW1lLXJlc3BvbnNlRW5kJDI1JDIyNyIsInRpbWUtZG9tTG9hZGluZyQyNSQyMjYiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDI1JDk5NiIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkMjUkMTE5MSIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDI1JDExOTgiLCJuYXZpZ2F0aW9uLXJlZGlyZWN0Q291bnQkMjUkMCIsIm5hdmlnYXRpb24tdHlwZSQyNSRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQzMyQwLjciLCJnbG9iYWxzJDMzJDUyNGUyOGE2IiwiZG9jdW1lbnQtdGltZSQzNyQwLjgiLCJkb2N1bWVudCQzNyQ1ODE5ZGU5YSIsImNvbm5lY3Rpb24kMzckIiwiZG93bmxpbmtNYXgkMzckIiwiZ2V0VXNlck1lZGlhJDM4JDIiLCJhcHBsZXBheSQzOCRuL2EiLCJwYWdlLWZyYW1lLWNvdW50JDM4JDMiLCJwYWdlLWZyYW1lLWxpc3QkMzgkMHgwIzEwNjk3NTY5LmZscy5kb3VibGVjbGljay5uZXQgMHgwIyAweDAjIiwicGFnZS1oYXNoJDQ5JDcxMmNkM2QwIiwiY2xvY2skNTMkMzcyMiIsInBlcm1pc3Npb24tZ2VvbG9jYXRpb24kNjAkcHJvbXB0IiwiYmF0dGVyeSQ2MCQxIDEgMCBJbmZpbml0eSIsImludGVyc2VjdGlvbi1zaXplJDY4JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbi1lbnRlciQ2OCQweDAgMTYwMHgxMjAwIiwiaW50ZXJzZWN0aW9uJDY4JDEwMCIsInBlcm1pc3Npb24tbm90aWZpY2F0aW9ucyQ2OSRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQ2OSRwcm9tcHQiLCJwZXJtaXNzaW9uLW1pY3JvcGhvbmUkNjkkcHJvbXB0IiwicGVybWlzc2lvbi1wZXJzaXN0ZW50LXN0b3JhZ2UkNjkkcHJvbXB0IiwiYXVkaW9jb250ZXh0JDcxJGY3ZTcxMmQ5Iiwic29ydCQxMTEkMTcuMiIsImZyYW1lcmF0ZSQxNTYkODAiLCJhZGJsb2NrJDI0MyQw HTTP 302
https://v4-api-54-218-243-92.b2c.com:444/api/4?VqRemB2nw3QEHJAB

Request Chain 144

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311138&time=1628852551487&url=https%3A%2F%2Fwww.dailypay.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1311138%26time%3D1628852551487%26url%3Dhttps%253A%252F%252Fwww.dailypay.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311138&time=1628852551487&url=https%3A%2F%2Fwww.dailypay.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1311138&time=1628852551487&url=https%3A%2F%2Fwww.dailypay.com%2F&liSync=true&e_ipv6=AQI35cHkOwL55QAAAXs_LYHdMs_Tss0FxcyHm9-qRRReXvzxGullBPLRHMrLD-poB1t8TTqG

256 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dailypay.com/
Redirect Chain

http://dailypay.com/
http://www.dailypay.com/
https://www.dailypay.com/

225 KB
32 KB

57ms
20ms

Document
text/html

2600:9000:21f3:3c00:1:f007:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:3c00:1:f007:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / WP Engine

Resource Hash

f7b233fcd2f791b08a49d4df93cdc49bc84bbf75aaea1ae1ba7b7c6342c376b6

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dailypay.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 13 Aug 2021 10:54:31 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
server: nginx
link: <https://www.dailypay.com/wp-json/>; rel="https://api.w.org/", <https://www.dailypay.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.dailypay.com/>; rel=shortlink
expires: Fri, 13 Aug 2021 10:52:28 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, private, must-revalidate
x-cache-group: normal
accept-ranges: bytes
x-orig-cache-control: max-age=0
content-encoding: gzip
etag: W/"b6f0386ea7f7059d9ce4c45d85b09ce8"
x-request-id: b8f386ac-f3b4-49af-a071-1750b8bf6828
x-runtime: 0.247303
strict-transport-security: max-age= 63072000; includeSubdomains; preload
vary: Accept-Encoding,Cookie,Origin
x-cache: Hit from cloudfront
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 8jFCKXUUpje-pjRfv2IsPejRda8mWKo7myX6xYVoYAKWAzbyBiZ78A==
age: 475

Redirect headers

Server: CloudFront
Date: Fri, 13 Aug 2021 11:02:26 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.dailypay.com/
X-Cache: Redirect from cloudfront
Via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: HXrX0ZID42Solpl2e4yp_T0QY2i1nFSJNyQfCpbVEXjpSJvS7gNTCA==

GET
H2 200 Graphik-Regular-Web.woff2
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/ 36 KB
36 KB 226ms
80ms Font
font/woff2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/Graphik-Regular-Web.woff2

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

273393727ef04452568e9ced73b67fa49499d44c399d1e9110be6f5b05772f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.dailypay.com
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
content-length: 36565
x-xss-protection: 1; mode=block
x-request-id: c19804b5-7e73-498e-b002-6588c62c13f6
x-runtime: 0.191121
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 01 Jul 2021 21:33:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60de3499-8ead"
x-download-options: noopen
access-control-max-age: 7200
x-hw: 1628852546.cds040.lo4.hn,1628852546.cds281.lo4.c
content-type: font/woff2
via: 1.1 7e6302699a89f60ff8e9259d2dea52ba.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: max-age=31536000, public
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/fonts/Graphik-Regular-Web.woff2>; rel="canonical"
x-amz-cf-id: Kg1rfOqBncibmwoTDAuYSA8cg5cFXxYoug5aX_1rq40Q0MohMykwvQ==

GET
H2 200 Graphik-Semibold-Web.woff2
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/ 40 KB
40 KB 256ms
110ms Font
font/woff2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/Graphik-Semibold-Web.woff2

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

c01803e337f0ea87dd36c5352cdba70255ecf0431eab5471fc2d70bfc0e199c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.dailypay.com
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
content-length: 40881
x-xss-protection: 1; mode=block
x-request-id: b8318fdd-0145-4967-b371-255a3aa18b27
x-runtime: 0.274311
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 01 Jul 2021 21:33:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60de34a0-9f89"
x-download-options: noopen
access-control-max-age: 7200
x-hw: 1628852546.cds040.lo4.hn,1628852546.cds074.lo4.c
content-type: font/woff2
via: 1.1 7e6302699a89f60ff8e9259d2dea52ba.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: max-age=31536000, public
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/fonts/Graphik-Semibold-Web.woff2>; rel="canonical"
x-amz-cf-id: XqQ89tlj0vhBER_1TjxnY87rkQ7b3fovFw9xMHYzm2ppCD27fRmZ-g==

GET
H2 200 20288003387.js Show response
cdn.optimizely.com/js/ 283 KB
87 KB 169ms
130ms Script
text/javascript 2a02:26f0:6c00:2a8::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20288003387.js

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

192a267654ba7fd31dd793a79c30edcfc38ccb0d7ddcfae6bef10b650bb40d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 3HagU54BCXdibvkNlW7CK5TDRLIQIRCZ
content-encoding: gzip
etag: "a516a34adcba012639df8a5eaaa6f742"
x-amz-request-id: 7H0QPV0BHCXQ1D8J
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 179
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:6c00:2a8::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 88287
x-amz-id-2: LmUI9QO2VxAV85ZxLsWuI8MloGtEfv7M/IKLlRBE/6XE6nC5WEewdZ+Ty5UQ3yj6q9M19y4zCKM=
last-modified: Tue, 03 Aug 2021 19:43:09 GMT
server: AmazonS3
date: Fri, 13 Aug 2021 11:02:26 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 style.min.css
d6s3i7h4.rocketcdn.me/wp-includes/css/dist/block-library/ 57 KB
9 KB 221ms
67ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-includes/css/dist/block-library/style.min.css?ver=181754a88ef8d377e0659ba01fef26db

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 72d3599459d6d95e072c0c2451095d6a.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 8684
x-xss-protection: 1; mode=block
x-request-id: c425d068-d050-4a25-bc4f-6494a7610ed6
x-runtime: 0.263313
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 May 2021 13:39:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60acfe16-e33b"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852546.cds073.lo4.hn,1628852546.cds038.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-includes/css/dist/block-library/style.min.css>; rel="canonical"
x-amz-cf-id: QPLds64ty7FqICLlonHJlyKtN7I8hTp5tz-EOFH46DKfZartAQLALA==

GET
H2 200 style.min.css
d6s3i7h4.rocketcdn.me/wp-includes/css/dist/components/ 109 KB
16 KB 196ms
68ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-includes/css/dist/components/style.min.css?ver=181754a88ef8d377e0659ba01fef26db

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 8d36edc1ce736c158ddedbd7365e2a8e.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 15749
x-xss-protection: 1; mode=block
x-request-id: 70eabfb5-6dfc-4ee6-a4a3-9afc189b6321
x-runtime: 0.268948
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 May 2021 13:39:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60acfe16-1b375"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852546.cds073.lo4.hn,1628852546.cds074.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-includes/css/dist/components/style.min.css>; rel="canonical"
x-amz-cf-id: LO5uFljDNtM4NZMgfeyD9gwEwErNPWbYWEDf64rdNjYnX4Ojfem3HQ==

GET
H2 200 style.min.css
d6s3i7h4.rocketcdn.me/wp-includes/css/dist/block-editor/ 91 KB
12 KB 230ms
102ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-includes/css/dist/block-editor/style.min.css?ver=181754a88ef8d377e0659ba01fef26db

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 ace508199bd84d41add2e7c3b2f8dada.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 12156
x-xss-protection: 1; mode=block
x-request-id: e26761ad-117c-4731-abbb-17b355014dc7
x-runtime: 0.275990
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 May 2021 13:39:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60acfe16-16aee"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852546.cds073.lo4.hn,1628852546.cds235.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-includes/css/dist/block-editor/style.min.css>; rel="canonical"
x-amz-cf-id: rd2YB2YxcyRCCDLVfDxqnvhdyBMJaWoUUO3ncNgEimQFWi1AMP5Gpw==

GET
H2 200 style.min.css
d6s3i7h4.rocketcdn.me/wp-includes/css/dist/nux/ 3 KB
1 KB 230ms
102ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-includes/css/dist/nux/style.min.css?ver=181754a88ef8d377e0659ba01fef26db

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 e48cbe002652d43dfeb0eb26157a8005.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 751
x-xss-protection: 1; mode=block
x-request-id: 5b9e64f4-b54b-48f9-86f7-fc030cac9623
x-runtime: 0.214918
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 May 2021 13:39:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60acfe16-a62"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852546.cds073.lo4.hn,1628852546.cds251.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-includes/css/dist/nux/style.min.css>; rel="canonical"
x-amz-cf-id: y7TRGX1-QgATFT1q3qnQBJge2zc7yvs1bEOvE5CO4ryLR0G8tNecKA==

GET
H2 200 style.min.css
d6s3i7h4.rocketcdn.me/wp-includes/css/dist/editor/ 22 KB
4 KB 230ms
103ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-includes/css/dist/editor/style.min.css?ver=181754a88ef8d377e0659ba01fef26db

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 b5a534d08b2c383ce078e25aff3f2348.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 3904
x-xss-protection: 1; mode=block
x-request-id: 3cf12e2a-0212-497a-9164-bd4c0ea88803
x-runtime: 0.280914
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 May 2021 13:39:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60acfe16-5862"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852546.cds073.lo4.hn,1628852546.cds083.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-includes/css/dist/editor/style.min.css>; rel="canonical"
x-amz-cf-id: CV5bsfEnsqK2HdkcQRbRlWvAzY8OQ-oXs_6w_lxzdL1XC6ZLFE9gGQ==

GET
H2 200 blocks.style.build.css
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/ 74 KB
10 KB 263ms
136ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/blocks.style.build.css?ver=1628704392

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

0c2b5080c4e67713c96ad184c1f178e45e732b692f6d96c9f5b53d799446eec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 155b1f31204d599f17ff02ad2dd05b7a.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 10309
x-xss-protection: 1; mode=block
x-request-id: 075b8b79-122f-47fc-8f28-2683f93cd56f
x-runtime: 0.265382
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e88-128db"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852546.cds073.lo4.hn,1628852546.cds018.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/blocks.style.build.css>; rel="canonical"
x-amz-cf-id: f8Y83ifawXcFxwbpI2v4R9qUJIZCBILY38qrZHBXHWYYQuvQ_nMBKA==

GET
H2 200 style.css
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/ 391 KB
49 KB 231ms
104ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/style.css?ver=1628704392

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

6cd835ad9ba0a8b3cc272146a9337465ce006a4d852eee02377aba6068ce4028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 9a5c4712d591c80fa6eb5cd925d9b817.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 49639
x-xss-protection: 1; mode=block
x-request-id: 951cc53c-9512-457d-97f8-3bb2d5253eba
x-runtime: 0.295920
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e88-61db1"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852546.cds073.lo4.hn,1628852546.cds071.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/themes/horizon/style.css>; rel="canonical"
x-amz-cf-id: ZoSNa1kjkP6uq2HyIV-TvFVazg96gur3eTM7Yd0wZIEJh_Ag6DIItA==

GET
H2 200 jquery.min.js Show response
d6s3i7h4.rocketcdn.me/wp-includes/js/jquery/ 87 KB
31 KB 124ms
58ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 e9264a80086c9204ba271fc4403dab51.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 30957
x-xss-protection: 1; mode=block
x-request-id: 14299819-449e-4dd4-8b1c-04b2cb33ab22
x-runtime: 0.317803
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 00:21:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60a308a4-15d98"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds006.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-includes/js/jquery/jquery.min.js>; rel="canonical"
x-amz-cf-id: G7xLaOTJ5H9ZxhzIGSI1clx2NJRrKBgdc8QgJfygt-N1fClrNmop-g==

GET
H2 200 jquery-migrate.min.js Show response
d6s3i7h4.rocketcdn.me/wp-includes/js/jquery/ 11 KB
4 KB 340ms
274ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 6958f3c7b188d7db406f45d2a6612b53.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 4169
x-xss-protection: 1; mode=block
x-request-id: 244361d5-e0ba-47af-917e-f91d5b0671c5
x-runtime: 0.238104
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 00:21:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60a308a4-2bd8"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds107.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-includes/js/jquery/jquery-migrate.min.js>; rel="canonical"
x-amz-cf-id: gwsMFeGoJTwHx63_xh-fnLzWwn7kqp61tyb6vsfrpSpRRirl8X05hg==

GET
H2 200 frontend.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/stop-user-enumeration/frontend/js/ 310 B
568 B 134ms
68ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1628704392

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

ac455178a92afc5b5325eb8a7f800e97345ad9d13dcc89462a7b02dd51698c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 c1efe604ffd79a90be8f4d5002f8e908.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 207
x-xss-protection: 1; mode=block
x-request-id: dc8417cd-e446-401b-bad4-528eacf6c56f
x-runtime: 0.273465
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e88-136"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds041.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js>; rel="canonical"
x-amz-cf-id: BO4CO2bC1Zx0wkYcwhBR5bQu5wmG14eCbV4vMk6lz122XMZiMhdyIg==

GET
H2 200 swiper-bundle.min.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/swiper@6/ 143 KB
38 KB 127ms
69ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/swiper@6/swiper-bundle.min.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

24ff1d5e37c96e090fcd1dadc01f4381dbd837e5b24a5c43c278eae8eab47576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 39159a0d814f803c2a493023a4925c01.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 38863
x-xss-protection: 1; mode=block
x-request-id: 3ce1e1e9-e199-4797-93ee-4f606b0b2d3e
x-runtime: 0.383964
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-23ab5"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds250.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/swiper@6/swiper-bundle.min.js>; rel="canonical"
x-amz-cf-id: gcuMuEhuUcifIVS9xAfq6Uujy-Vt1B40V4q1vpdpxDOa3l4bSZwMLw==

GET
H2 200 / Show response
www.dailypay.com/ 225 KB
32 KB 65ms
16ms Script
text/html 2600:9000:21f3:3c00:1:f007:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailypay.com/?wordfence_syncAttackData=1628851948.5

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:3c00:1:f007:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / WP Engine

Resource Hash

f7b233fcd2f791b08a49d4df93cdc49bc84bbf75aaea1ae1ba7b7c6342c376b6

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /?wordfence_syncAttackData=1628851948.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dailypay.com
referer: https://www.dailypay.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 10:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: SHORT
x-permitted-cross-domain-policies: none
age: 476
x-powered-by: WP Engine
x-cache: Hit from cloudfront
vary: Accept-Encoding,Cookie,Origin
x-xss-protection: 1; mode=block
x-request-id: b8f386ac-f3b4-49af-a071-1750b8bf6828
x-cache-group: normal
x-runtime: 0.247303
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"b6f0386ea7f7059d9ce4c45d85b09ce8"
x-download-options: noopen
strict-transport-security: max-age= 63072000; includeSubdomains; preload
content-type: text/html; charset=utf-8
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
x-orig-cache-control: max-age=0
cache-control: max-age=600, private, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
link: <https://www.dailypay.com/wp-json/>; rel="https://api.w.org/", <https://www.dailypay.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.dailypay.com/>; rel=shortlink
x-amz-cf-id: pT485S6pr7T4UmJ-jSYnea45BjsRD2YhlGfe5rCX0wQgq_9Jw4KCWw==
expires: Fri, 13 Aug 2021 10:52:28 GMT

GET
H2 200 1799.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/pages/scripts/0095/ 5 KB
2 KB 126ms
78ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/pages/scripts/0095/1799.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

c547a93e56880f2196a8e700259e4f78fff3242acac7f8a07c8d43056da9a57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 17af39b4ee92855346b22603f9fa56ab.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 1853
x-xss-protection: 1; mode=block
x-request-id: d0544e4f-c89d-4740-9c6d-7263fdaab386
x-runtime: 0.322695
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-1321"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds060.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/pages/scripts/0095/1799.js>; rel="canonical"
x-amz-cf-id: Z62gY4i8TC97jYsm0sYg6C7BMAndnrFgPW1Ff9TjqFPaq0bt6jmb1A==

GET
H2 404 Horizon.woff2
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/ 0
0 705ms
587ms Font
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/Horizon.woff2

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.dailypay.com
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR62-C4
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding,Origin, Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: ef89180a-9e9f-4b52-aec0-3c66724d8feb
x-runtime: 0.278608
access-control-allow-origin: https://www.dailypay.com
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-max-age: 7200
x-hw: 1628852546.cds040.lo4.hn,1628852546.cds041.lo4.sc,1628852547.cds041.lo4.p
content-type: text/html
via: 1.1 c5b4348a0bb5daaef6e0b0e13b317635.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/fonts/Horizon.woff2>; rel="canonical"
x-amz-cf-id: 8gpcZ3q8ZkBjEeV4XJRbdmUocaK3rLdUUqz1YQYoSQM9XFwyNx-wKg==

GET
H2 200 all.css
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/releases/v5.8.1/css/ 55 KB
13 KB 185ms
67ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/releases/v5.8.1/css/all.css?ver=1628704392

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

a0f28a7987a6aa42d4ca3ee6aa660457a4f431294368ebecf2c8dfa18ba62838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.dailypay.com
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
content-length: 12102
x-xss-protection: 1; mode=block
x-request-id: de192e23-3753-4dbe-b596-4ab93a3bfc59
x-runtime: 0.265630
access-control-allow-origin: https://www.dailypay.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e88-daa4"
x-download-options: noopen
access-control-max-age: 7200
x-hw: 1628852546.cds040.lo4.hn,1628852546.cds036.lo4.c
content-type: text/css
via: 1.1 20e9ac2e933b363bb35ea6c61802dc9a.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/releases/v5.8.1/css/all.css>; rel="canonical"
x-amz-cf-id: kJBQhc2NfRDrfYImsvUGmy05UlK-WRsVmyF7o4nXXtNi5QMmZjohfg==

GET
H2 200 vue.min.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/npm/vue@2.6.10/dist/ 91 KB
34 KB 105ms
57ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/npm/vue@2.6.10/dist/vue.min.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

915c8c90ef2f05bbb55c993467d9caa44752dcd92d05438153c73a7d92380a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.dailypay.com
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
content-length: 34092
x-xss-protection: 1; mode=block
x-request-id: d955acab-9485-4f56-ac2e-18bf44597b4d
x-runtime: 0.266470
access-control-allow-origin: https://www.dailypay.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-16de0"
x-download-options: noopen
access-control-max-age: 7200
x-hw: 1628852547.cds040.lo4.hn,1628852547.cds254.lo4.c
content-type: application/javascript
via: 1.1 39159a0d814f803c2a493023a4925c01.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/npm/vue@2.6.10/dist/vue.min.js>; rel="canonical"
x-amz-cf-id: HRGuy1e_sMex7PNZPXgJRTayndu2QkV4O95sc59C79mHyFUcZSJVPg==

GET
H2 200 dailypay-logo.svg
d6s3i7h4.rocketcdn.me/wp-content/uploads/ 3 KB
2 KB 126ms
78ms Image
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/uploads/dailypay-logo.svg

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

2ecc475215078c3c041b860616a984cb0717bff065ad213b2568745a3ad91441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 1296
x-xss-protection: 1; mode=block
x-request-id: 54a5eb08-c168-4333-b6e8-1734da4f5e47
x-runtime: 0.188571
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 00:21:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60a308a7-bdf"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds001.lo4.c
content-type: image/svg+xml
via: 1.1 e48cbe002652d43dfeb0eb26157a8005.cloudfront.net (CloudFront)
cache-control: max-age=31536000, private
accept-ranges: bytes
link: <https://dailypay.com/wp-content/uploads/dailypay-logo.svg>; rel="canonical"
x-amz-cf-id: E2j8082_NBDOc_CWuOO0s0lZ5S2svcEV4TkfYZHRXJ2-fQ3QPvE1mw==

GET
H2 200 kroger.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 4 KB
4 KB 127ms
80ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/kroger.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

353b5b09ca6eef4a400c0d86ecc622de05a44ce08727bd97a0d319d2cfd6f61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 6005ade476005cae71525d1ec56100f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 3789
x-xss-protection: 1; mode=block
x-request-id: bc1948ce-f1fb-42a2-a250-83f0252a6ffe
x-runtime: 0.190403
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-ecd"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds252.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/kroger.png>; rel="canonical"
x-amz-cf-id: kGMi-zLTBqwYV9MEwzI1A5icuestw4Hfz76-Iv8R3jn9q7VgIQHX3g==

GET
H2 200 adecco.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 2 KB
2 KB 128ms
80ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/adecco.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

1c13cae1474c6f83f58ac6487ddf176292d75a0ec83b04b3270f59de24fa9f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 39159a0d814f803c2a493023a4925c01.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 2010
x-xss-protection: 1; mode=block
x-request-id: 70e00ff1-6ec4-47fd-a893-836c937fb745
x-runtime: 0.235244
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ab-7da"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds070.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/adecco.png>; rel="canonical"
x-amz-cf-id: 480S5LOWZKXy4Uj8IvuqPs969WjB-UbO71acrDNKDm41_sPa_BMCOg==

GET
H2 200 six-flags.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 4 KB
4 KB 129ms
82ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/six-flags.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

6fba6498f954000601a3ead3dda11628c6e6e3fef44cf0563e69ca8dff7e7986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 bb501579906725a97059c817430425cf.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 4071
x-xss-protection: 1; mode=block
x-request-id: 831f74df-709a-44df-8f2b-7153a56b6c12
x-runtime: 0.272046
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-fe7"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds230.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/six-flags.png>; rel="canonical"
x-amz-cf-id: GhQeMHfH1KHQxmBw627ALX5DmcXvuGsdf_oOTCO8yK2_-Vqsl81kTA==

GET
H2 200 dollartree.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 4 KB
4 KB 129ms
83ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/dollartree.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

54be5bcc2d9b7eb9afe3a1a668947126c2852c18d8ed9a2aacf54eec723f92a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 c1efe604ffd79a90be8f4d5002f8e908.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 3711
x-xss-protection: 1; mode=block
x-request-id: 112b4a8d-eb05-4e13-a61b-5ce0ce8fd39e
x-runtime: 0.241754
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ab-e7f"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds090.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/dollartree.png>; rel="canonical"
x-amz-cf-id: pThSC9kT1ROUgjFH_1kuGKcMAdUkhlxYy74qf4ZqENCOVme_zoi9bA==

GET
H2 200 macd.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 1 KB
2 KB 132ms
86ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/macd.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

120e4befc3deec9035d64db22a1e067f60c8ecd3ff834d6313c10d685adbd82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 bb501579906725a97059c817430425cf.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 1310
x-xss-protection: 1; mode=block
x-request-id: 93bd8fad-a01f-411e-9d62-062a01bcc2c7
x-runtime: 0.312735
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-51e"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds103.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/macd.png>; rel="canonical"
x-amz-cf-id: -NzXSn0C7SCLyLlOcz7cs-MnbIyU69lSwcgktaokwJlv9-sn4PcJIw==

GET
H2 200 tmobile.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 3 KB
3 KB 129ms
86ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/tmobile.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

d32253fe48c3258485420b89a4eb2497530a22f317d517b10b96cc8ed107f1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 6005ade476005cae71525d1ec56100f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 3251
x-xss-protection: 1; mode=block
x-request-id: dfcd4a5c-1cee-4100-b381-a94afad24bd1
x-runtime: 0.251663
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:41 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ad-cb3"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds233.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/tmobile.png>; rel="canonical"
x-amz-cf-id: qrgUCfpGkIEflYSrKmqb9CPi2Y5jCcuGGdST-1Ds8RvDF5KEw_FPZw==

GET
H2 200 ldl.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 3 KB
3 KB 130ms
88ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ldl.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

d86af82c8a4169c552dd136df9e8fa09dc426777aea3d5516f5ccf5e80740b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 55dad469c6d0d2d145c29e97d10ad98a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 2679
x-xss-protection: 1; mode=block
x-request-id: 22a3e93a-39d9-4910-be82-4595133677fc
x-runtime: 0.388068
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-a77"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds247.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/ldl.png>; rel="canonical"
x-amz-cf-id: -2iwwHXAQ2Aut-JGgbhXSgViCafBg0emAxGOTogDQbsZf9_WEqLI8A==

GET
H2 200 g4s.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 2 KB
2 KB 134ms
92ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/g4s.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

ed55a5cfc340a4a8fbd57ba6300019ff837dbaaf9f1fe9b69570bc7af509f263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 d31a115f0836c74b24184a43b912a575.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 1930
x-xss-protection: 1; mode=block
x-request-id: 71e671d5-ff18-4c94-a251-08eae4984d1d
x-runtime: 0.221916
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-78a"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds084.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/g4s.png>; rel="canonical"
x-amz-cf-id: -1tMqFGvRoStAyIVG_RCVqevE18LLZGwAxsrtAP4Fn45X-XEYS4UuA==

GET
H2 200 homepage_whatsnew_aite_report.jpg
d6s3i7h4.rocketcdn.me/wp-content/uploads/ 18 KB
18 KB 135ms
92ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/uploads/homepage_whatsnew_aite_report.jpg

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

c570d6293e32320197f1aa033eb2b7d2d133a0623ef03b2f24d5d1f91681043b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 17af39b4ee92855346b22603f9fa56ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 18590
x-xss-protection: 1; mode=block
x-request-id: c25a20d7-cd13-4f09-a14e-e08301aa4acd
x-runtime: 0.226302
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 10 Aug 2021 19:03:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6112cd7a-489e"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds031.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/uploads/homepage_whatsnew_aite_report.jpg>; rel="canonical"
x-amz-cf-id: lecjWXUq5M1OIK1a7mLC_3fNphp1CDbo5aJ8szfm-ZO5eHsVMp-2Vg==

GET
H2 200 dailypay-new-2.png
d6s3i7h4.rocketcdn.me/wp-content/uploads/ 158 KB
159 KB 136ms
94ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/uploads/dailypay-new-2.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

f4326cd00e7da1b323da04df01f7de62b4c0c8b9cec38924829fff969b8e51a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 6005ade476005cae71525d1ec56100f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 162019
x-xss-protection: 1; mode=block
x-request-id: 8bda347a-279b-44eb-b58f-a18421525738
x-runtime: 0.232721
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Jul 2021 17:21:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60ef1cfd-278e3"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds109.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/uploads/dailypay-new-2.png>; rel="canonical"
x-amz-cf-id: VcUsJsY951sktxcc_Xwdyhzzt_Vdpy9V-LOIad0dLMpbkOCDxYIMGA==

GET
H2 200 dailypay-new-3.png
d6s3i7h4.rocketcdn.me/wp-content/uploads/ 132 KB
132 KB 175ms
133ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/uploads/dailypay-new-3.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

9ff4c650930a11cd94085038c0cc362610a0506e26cd3192e24b44ac707b9371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 e48cbe002652d43dfeb0eb26157a8005.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 135081
x-xss-protection: 1; mode=block
x-request-id: ed8ccf54-7bb3-40ed-998f-05b34d4a244b
x-runtime: 0.269576
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 14 Jul 2021 17:21:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60ef1cff-20fa9"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds203.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/uploads/dailypay-new-3.png>; rel="canonical"
x-amz-cf-id: 0uwmO-mbNtM08tyarBq32t8FAe3SsohiIINkWctjrhjkSbbgUujwqw==

GET
H2 200 mega-asset-1.png
d6s3i7h4.rocketcdn.me/wp-content/uploads/ 93 KB
94 KB 235ms
194ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/uploads/mega-asset-1.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

39df9debc8311c04abbf74b0745afde41d90f73b2533d5999aedd77f6b3cfee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 17af39b4ee92855346b22603f9fa56ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 95462
x-xss-protection: 1; mode=block
x-request-id: 97d58450-7ee1-4ca9-818a-b41a1365bb3c
x-runtime: 0.232207
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 May 2021 21:29:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60aebdb8-174e6"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds225.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/uploads/mega-asset-1.png>; rel="canonical"
x-amz-cf-id: DoA0ynGpGVl6-qddwIjiKEpn2GELWMidF9llOIS1AhlUhlv4ePUTUw==

GET
H2 200 barrista1-1.jpg
d6s3i7h4.rocketcdn.me/wp-content/uploads/ 90 KB
90 KB 262ms
221ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/uploads/barrista1-1.jpg

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

f949aab507dd6820be4fcdcce2541c8bd2b455b0f818ab9f89225505f3cb4085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 8d36edc1ce736c158ddedbd7365e2a8e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 91992
x-xss-protection: 1; mode=block
x-request-id: 2e3ada05-5860-48d4-9bae-e10dc34bc0e0
x-runtime: 0.224145
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 May 2021 21:29:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60aebdb4-16758"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds079.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/uploads/barrista1-1.jpg>; rel="canonical"
x-amz-cf-id: Uy-IV8mdaNixKHWgJ9LA2_3CYlHf4mEOlATLM_qrzM8tFRQFn7HdYg==

GET
H2 200 adecco_logo_red.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 1 KB
2 KB 241ms
200ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/adecco_logo_red.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

3a27199765d32a20e258230a3b512a7bfa3e57916208aacae05b5cdbb5326612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 b2c5bb2dfa91176e0d4f75ea11ff9bcc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 1267
x-xss-protection: 1; mode=block
x-request-id: 8ff8c656-f12a-41eb-834c-a73cad540e97
x-runtime: 0.302932
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ab-4f3"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds007.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/adecco_logo_red.png>; rel="canonical"
x-amz-cf-id: chY0WQYMl64E2kuwy4cH_nNURrcczSpEAsOT1WaAAnzrTb3brCsOZQ==

GET
H2 200 g4s_logo_.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 1 KB
1 KB 257ms
216ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/g4s_logo_.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

ac0193ae883b29a482e01f54745f0ed87f65413dfc734d208b84756b18fe0938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 6005ade476005cae71525d1ec56100f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 1184
x-xss-protection: 1; mode=block
x-request-id: 10f8fe40-7e55-4e0d-a609-a028bbf2afb4
x-runtime: 0.209702
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ab-4a0"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds092.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/g4s_logo_.png>; rel="canonical"
x-amz-cf-id: eR4mNv1WKMigNeUrLGMIO8tyBKTUgV5BN3Wo_7yTESCSRQB_ZCYqow==

GET
H2 200 osl_retail_services_logo.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 1 KB
2 KB 262ms
221ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/osl_retail_services_logo.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

f8706d7118388592f980c0f46bd80195970c0226e68c2f5695a388797a60a01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 55dad469c6d0d2d145c29e97d10ad98a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 1259
x-xss-protection: 1; mode=block
x-request-id: 25067537-1614-46b0-820d-dd4079823e4d
x-runtime: 0.304796
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-4eb"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds009.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/osl_retail_services_logo.png>; rel="canonical"
x-amz-cf-id: 3m9VSiMljwbdkr7Bn01XgYdiWAB5kjEGI8iOClJPumC6-_lywbWWmw==

GET
H2 200 rockaway_home_care_logo.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 3 KB
4 KB 287ms
246ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/rockaway_home_care_logo.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

c11c1afb99142bec1d7daf10e35e4d74a21c7b4c34c3a442a27bb12b72dd9144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 17af39b4ee92855346b22603f9fa56ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 3527
x-xss-protection: 1; mode=block
x-request-id: aebb526c-4c3f-4896-9d5c-e21143c8cb58
x-runtime: 0.201809
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-dc7"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds046.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/rockaway_home_care_logo.png>; rel="canonical"
x-amz-cf-id: I2X7QwhEa0DeE1_Rx7JVK_iX94U9s7-jg7fUvH9WUDAKZ1kj_w0XiQ==

GET
H2 200 parkers_markets_logo.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 3 KB
4 KB 286ms
245ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/parkers_markets_logo.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

c38c89ae0080defd23fd3622ed6633aefdd0f1652fbb17e9768043813fd1aaf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 ace508199bd84d41add2e7c3b2f8dada.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 3552
x-xss-protection: 1; mode=block
x-request-id: 74522721-751b-4e21-9d87-1a77860992e6
x-runtime: 0.300993
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-de0"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds065.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/parkers_markets_logo.png>; rel="canonical"
x-amz-cf-id: gJmJGb0mTpMklnBgDjDdumrjJpjfVce8saxFzLOmUGSpl0SonNgfNQ==

GET
H2 200 sprinkles_cupcakes_logo.png
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/ 3 KB
3 KB 287ms
246ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/images/sprinkles_cupcakes_logo.png

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

be12e5a690504a3aefb081c72c5f4a1d8d8700afe8ce34f3bc8fcbcd9a4bf6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 c31d49af55fff364fbd11e21a32f7fcb.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-transfer-encoding: binary
content-disposition: inline
content-length: 3095
x-xss-protection: 1; mode=block
x-request-id: 48d93a58-13c6-4fd2-8eee-2d46b46aa0e8
x-runtime: 0.224109
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 05 Jun 2021 03:59:40 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60baf6ac-c17"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds030.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, private, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/images/sprinkles_cupcakes_logo.png>; rel="canonical"
x-amz-cf-id: 5xGiV7Vxe0DBIaSOGxB7HzdqoTiGEhx18mzJ1E3HkFjIwJei2a-NMQ==

GET
H2 200 swiper-bundle.min.css
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/swiper@6/ 13 KB
4 KB 62ms
61ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/swiper@6/swiper-bundle.min.css?ver=1628704392

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

09d6264d30448cb88492d48ed5a171dbb3c93a5cc736065455125f5dfdb732bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 e72282a38ed8303004dbeb48a5b8fbb5.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 4027
x-xss-protection: 1; mode=block
x-request-id: 370deece-e0b7-4b32-9d60-f4875b72f429
x-runtime: 0.262254
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e88-356f"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds035.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/swiper@6/swiper-bundle.min.css>; rel="canonical"
x-amz-cf-id: CwL7_H3wdRnoTxOAh5mLCh7pwTHS4j5qLbYD2s0xenv9Ul5TCQI2Sg==

GET
H2 200 zdog.dist.min.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/zdog@1/dist/ 29 KB
7 KB 287ms
247ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/zdog@1/dist/zdog.dist.min.js?ver=1628704462

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

e2bba27190184b02afab35babd97812d93cd3524fab60515585c742c93e498ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 9132f1c6fe5ab3ea458d3abc7e3bc5d4.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 7251
x-xss-protection: 1; mode=block
x-request-id: 3ce83a87-03cd-4ff8-9b6e-6702b8be1f93
x-runtime: 0.301385
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:54:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140ece-73ec"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds101.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/zdog@1/dist/zdog.dist.min.js>; rel="canonical"
x-amz-cf-id: 9HBo-dW-TNEGeKC5SpDzsrMK4Tiy4zXTFEUnIeP0a4riRfuK0jH2Bg==

GET
H2 200 front-page.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/js/ 2 KB
1 KB 303ms
264ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/js/front-page.js?ver=1628704462

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

d5cbce9ae2a59f8e39bf9e6fa44febca2aef2f86858b662269d23cc6ca41612b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 58f040c89bfa807063443a43cdc364af.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 949
x-xss-protection: 1; mode=block
x-request-id: 9c6d1157-e8a6-46ff-b848-502ea64ade66
x-runtime: 0.241028
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:54:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140ece-9c0"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds269.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/themes/horizon/js/front-page.js>; rel="canonical"
x-amz-cf-id: GSRY6m4XnR57uQJf_AKJoWUi42RDWTMBy1qogJz3B0y909W2ByPONA==

GET
H2 200 block-versions.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/ 4 KB
2 KB 304ms
265ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

c28ce968ad7620e618edd5f8954b0a88427743ce49a4beafa63daa26a61ab89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 f56af57b80f7163d09b40d9f4bdae693.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 1872
x-xss-protection: 1; mode=block
x-request-id: 967cc85f-2b6a-4396-9c72-27cbb450d940
x-runtime: 0.227433
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-119e"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds082.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js>; rel="canonical"
x-amz-cf-id: EyDCdbwAwS-iOzrVfTrjtNhSWZZn_Jyp9XPyb3l_3zdyFq7djVPq2Q==

GET
H2 200 dailypay-lib.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/ 44 KB
13 KB 318ms
278ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/dailypay-lib.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

893cbd1c7cf6cb7ddcbe7f29a6018c58a3a965d757f797a64acfc7bb993a13db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 d31a115f0836c74b24184a43b912a575.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 13334
x-xss-protection: 1; mode=block
x-request-id: b90de650-e01b-4b13-bc61-ac5d901be7a2
x-runtime: 0.249849
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-b0b4"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds109.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/dailypay-lib.js>; rel="canonical"
x-amz-cf-id: P2yYLP05U40ju8AQh1BnF2GIUae9pjHQiantQeFjRrJ0eJiT3MmQTA==

GET
H2 200 vue-page.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/ 8 KB
3 KB 315ms
275ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/vue-page.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

b554347fc0f8f4b75d541bd1860944ad456fa6298111690c6b583f55f1df3687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 e48cbe002652d43dfeb0eb26157a8005.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 3036
x-xss-protection: 1; mode=block
x-request-id: ad7505f6-05ff-483b-b191-fc6cdafaf44b
x-runtime: 0.231772
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-2116"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds109.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/vue-page.js>; rel="canonical"
x-amz-cf-id: HTc3GYlkg1HR1tcA1O13crFSH6_xTY8La2QKSOmbjrJfnOt_d7-hEA==

GET
H2 200 3412011.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/ 3 KB
963 B 315ms
276ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/3412011.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

2954ceda7923ba358931c4530bf0b3358c18ca6f4098a261aefad45c5cb65b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 7e6302699a89f60ff8e9259d2dea52ba.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 619
x-xss-protection: 1; mode=block
x-request-id: db6c6150-0cb3-44c7-a8e4-8c6e76ab305f
x-runtime: 0.231594
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-b45"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds227.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/3412011.js>; rel="canonical"
x-amz-cf-id: P7RAVW8Ykrlx0fOCsSmcZS2pW1ZNK717_fsWYrAXvl4bnyn1jcxo8Q==

GET
H2 200 global.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/js/ 2 KB
995 B 334ms
295ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/js/global.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

b4ee8b6a8c4c345e00dc1ffb79052349d247ada88fedee5ee5a478ba3d489a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 17af39b4ee92855346b22603f9fa56ab.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 677
x-xss-protection: 1; mode=block
x-request-id: 15e9feef-b9b8-46a3-83b9-6051fa8990b6
x-runtime: 0.229326
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-6a1"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds081.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/themes/horizon/js/global.js>; rel="canonical"
x-amz-cf-id: g6FMLYV3I9cwwGvyFReUz4ZVsoyXeMqAvjFM4jJ3rav1lz3zmMBLiQ==

GET
H2 200 skip-link-focus-fix.js Show response
d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/js/ 418 B
651 B 334ms
296ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/js/skip-link-focus-fix.js?ver=1628704393

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

df6c38ab272af9d44cb5021bcb6e2ea26f42e4ce2b0bae5439fa53037bdd5260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 22513a5f32c464af3c0b3d4e3c135033.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: Miss from cloudfront
content-length: 278
x-xss-protection: 1; mode=block
x-request-id: 10d93e8d-49de-482c-b472-dd7dec065ef0
x-runtime: 0.270380
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:53:13 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61140e89-1a2"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds034.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-content/cache/min/1/wp-content/themes/horizon/js/skip-link-focus-fix.js>; rel="canonical"
x-amz-cf-id: uwyOseZxVJDsiPm7ZgDPjdq02hTFDt0j2K83qoumAT02pP2q3B95uw==

GET
H2 200 wp-embed.min.js Show response
d6s3i7h4.rocketcdn.me/wp-includes/js/ 1 KB
1 KB 337ms
306ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-includes/js/wp-embed.min.js?ver=181754a88ef8d377e0659ba01fef26db

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
via: 1.1 d31a115f0836c74b24184a43b912a575.cloudfront.net (CloudFront)
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
content-length: 765
x-xss-protection: 1; mode=block
x-request-id: 2fdf8d75-069a-4f70-a84c-56dc609bd600
x-runtime: 0.263573
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 May 2021 00:21:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60a308a4-592"
x-download-options: noopen
vary: Accept-Encoding
x-hw: 1628852547.cds073.lo4.hn,1628852547.cds090.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
link: <https://dailypay.com/wp-includes/js/wp-embed.min.js>; rel="canonical"
x-amz-cf-id: t34G-Jrxic2UmBOn4Q4LmtaeE6gGTAQv8FOUYQcD4uAH5Aaw5CdK1w==

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 570 KB
145 KB 100ms
32ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1a8f3b6f90faae30e65739ef166d60336c68e163c07e7f8a2a9df624493944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 f37f104903bda438e8b0547be6e0c193.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 12 Aug 2021 02:30:48 UTC
server: cloudflare
etag: W/"5b7321f57deebc79b8cc5ee735fa60d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfY8kYUfi57vZXD6z8Xsndfhkn8dsdbPb6%2Fs0%2FSnH1SBTGypZu24sv%2BR39HYjQEBVuEoYibe1vWOCF9A7Ldbi4N8l8pQVJne391VKA8Vv1DqegwT5SAx0LnN2UuopIv6TilB35uo4UwMbW41"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LL0ErcE2VQWo._Lu06L_R7fT8dckAz.Q
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 67e173841912323c-FRA
x-amz-cf-id: kbOoKA8-GQzNbl6PklOQC2gWIigt9FfuN1v9ZJrkAgxYcys8Juxn-g==
x-hs-target-asset: FormsNext/static-5.354/bundles/project_with_deps.js

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
66 KB 76ms
43ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85c5c79bc05a1c5f445565bba644ee13855c5eb59142f330cc4d3445727cb2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67019
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 11:02:27 GMT

GET
H2 200 Horizon-H1_web.woff
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/ 30 KB
30 KB 67ms
48ms Font
font/woff 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/Horizon-H1_web.woff

Requested by

Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/style.css?ver=1628704392

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

0213ae7e866f5a46c1e2ce6a994b8467b92701c5994bd591a4dff8b6556eb21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.dailypay.com
Referer: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/style.css?ver=1628704392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
content-length: 30154
x-xss-protection: 1; mode=block
x-request-id: 5dae4430-5a65-4ac0-816d-f712539c0840
x-runtime: 0.230305
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 01 Jul 2021 21:33:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60de34a1-7790"
x-download-options: noopen
access-control-max-age: 7200
x-hw: 1628852547.cds040.lo4.hn,1628852547.cds020.lo4.c
content-type: font/woff
via: 1.1 22513a5f32c464af3c0b3d4e3c135033.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: max-age=31536000, public
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/fonts/Horizon-H1_web.woff>; rel="canonical"
x-amz-cf-id: V2AurdmAB6liAwatlJGQJuIcRU7SSx6NazuJclmv7_3QMgPOzXvrGQ==

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
73 KB 51ms
28ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/releases/v5.8.1/css/all.css?ver=1628704392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Origin: https://www.dailypay.com
Referer: https://d6s3i7h4.rocketcdn.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3242411
cf-ray: 67e1738498b04e1a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74256
x-amz-id-2: rMbBCxvKSr1A6OimvjcTqvcfdW0FlMhuEXtkesdBKHjYsjKKMCh7s9gObKuGOMCR3ZrbqmA8yS8=
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
server: cloudflare
etag: "418dad87601f9c8abd0e5798c0dc1feb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7SZuxK5ftIInx1SJcdOS4kYUEfApCJnySzGNKr81kOQcrdY8CiFKGo8GM7nD5uoUHXKtuZ3nQZQMXaBiC882MOMNMBqoUz%2BugGpWY9IVnYHOuxeGGKuwmpmM%2FgEBasHiWCaIcdsgSNlbkm3DWP1Rpgi"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: JEAJKSG91C085GPR
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 Horizon-H2_web.woff
d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/ 32 KB
32 KB 85ms
68ms Font
font/woff 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://d6s3i7h4.rocketcdn.me/wp-content/themes/horizon/fonts/Horizon-H2_web.woff

Requested by

Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/style.css?ver=1628704392

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx / RocketCDN

Resource Hash

d5577a65c198ab09f55a5f47dca9597330f735ea6a5a678a4a3aef8d3eadafc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.dailypay.com
Referer: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/themes/horizon/style.css?ver=1628704392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: LHR3-C1
x-powered-by: RocketCDN
x-cache: RefreshHit from cloudfront
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
content-length: 32135
x-xss-protection: 1; mode=block
x-request-id: 417bc736-4512-44b4-b76a-bcdd5f703596
x-runtime: 0.264166
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 01 Jul 2021 21:33:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "60de34a0-81a8"
x-download-options: noopen
access-control-max-age: 7200
x-hw: 1628852547.cds040.lo4.hn,1628852547.cds272.lo4.c
content-type: font/woff
via: 1.1 b2c5bb2dfa91176e0d4f75ea11ff9bcc.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: max-age=31536000, public
accept-ranges: bytes
link: <https://dailypay.com/wp-content/themes/horizon/fonts/Horizon-H2_web.woff>; rel="canonical"
x-amz-cf-id: 7QEA2sLe9zaF5CS7SGvYIoSAVKNaW-95cuNooAHE3KI99hL8QVfi1A==

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
74 KB 46ms
24ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/releases/v5.8.1/css/all.css?ver=1628704392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

Origin: https://www.dailypay.com
Referer: https://d6s3i7h4.rocketcdn.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3250486
cf-ray: 67e1738498b24e1a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74768
x-amz-id-2: Mj6gq/PM2E+L/4KxW1mk5/E/Jn8D4e1etujdEP5mmdrtMyTBjhRByFgbUuBcp5kRuEbPx0wNy4g=
last-modified: Wed, 30 Jun 2021 15:46:59 GMT
server: cloudflare
etag: "5e2f92123d241cabecf0b289b9b08d4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nY813sf79bqdJ22SU4RZMvxyXlnPwfEidk%2FBGWIK%2F9eF3ocQZ4niPCmTsCzJV%2FgoYdhDf8xTyAdCkA2vggmB5Xoia%2FvAH4%2B%2BeSMsTt8v%2B8S3XatCFRHN8oIt1w%2BN8Iz3XQAx3hZDLpJryx4CsKzQODS%2B"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: TR3QZMBHDPSRPNZC
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 1799.json Show response
script.crazyegg.com/pages/data-scripts/0095/ 8 KB
2 KB 35ms
17ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0095/1799.json?t=1
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/pages/scripts/0095/1799.js?ver=1628704393
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ad1dcb28e71542cbbfa3a3e03dcb2614164f5d23640455703e1c26af22bb25

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 270929
ce-version: 11.1.323
content-length: 1632
timing-allow-origin: *
last-modified: Tue, 10 Aug 2021 07:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 67e173870f6a535d-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: sbwokJtq7r67Z+KuXEpSTGDXBLqZLUSA7CDp1gJQq6Yh0ebXAfSknaEmv032XHWp0rTtHFDPuWJ+RS3GCffyzg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Fri, 13 Aug 2021 11:02:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 153ms
62ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 11:02:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 6526
date: Fri, 13 Aug 2021 09:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 13 Aug 2021 11:13:41 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 3689ms
145ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 11:02:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=11326
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
832 B 141ms
110ms Script
application/javascript 2a02:26f0:6c00:29e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:29e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "d281f5ef4add283680ff41edc6dd28c4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 35d5871d-2.16.186.230
accept-ranges: bytes
content-length: 584
access-control-expose-headers: X-CDN

GET
H3-29

200

activityi;dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F Show response
10697569.fls.doubleclick.net/ Frame 698B
Redirect Chain

https://10697569.fls.doubleclick.net/activityi;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F?
https://10697569.fls.doubleclick.net/activityi;dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2F...

484 B
404 B

109ms
54ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10697569.fls.doubleclick.net/activityi;dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

4c51f43c487e5e22fb10336d8b32974759eb82d14b2e2ee64f5889d33ad8c8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10697569.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailypay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 11:02:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 379
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Aug-2021 11:17:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 11:02:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10697569.fls.doubleclick.net/activityi;dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-708243707

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ac29af6e30cf256f244bfd7a7fb1ecfa982b472347f97140724987895ae3898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38993
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 11:02:27 GMT

GET
H2 200 3412011.js Show response
js.hs-scripts.com/ 3 KB
1 KB 189ms
160ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3412011.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 096ed3704704ff3e2c60b3a25ccc6fb12cc0c12d68f907ad5b7744ce80ebb79c

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-hubspot-correlation-id: d4d46af6-ef4f-4408-9dd5-76a6a07fe45b
x-trace: 2B9F4D8F8C18DA7B6D5BEDA33E70A89EFF185CDF59000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.dailypay.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 67e173881988535d-FRA
expires: Fri, 13 Aug 2021 11:03:27 GMT

GET
H2 200 oribi.js Show response
cdn.oribi.io/XzI0NTIyOTk3NA/ 108 KB
35 KB 229ms
181ms Script
application/javascript 2600:9000:21f3:600:13:c079:7880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.oribi.io/XzI0NTIyOTk3NA/oribi.js
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:600:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c6d1749843e57b5ff1a94dfca0c1ade4af3b8cd3883c6a5d61e2542e02a4b571

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=60
content-encoding: gzip
x-amz-cf-id: 1w_9xHaYcLWxT4aOAiazXq24uC568KkGrvrZuCyyzUIp_8dgUXfGzA==
x-application-context: application

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://one.progmxs.com/seg?add=23063136&t=1
https://secure.adnxs.com/seg?add=23063136&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23063136%26t%3D1

0
1005 B

52ms
51ms

Script
application/javascript

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23063136%26t%3D1

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 11:02:28 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4f388d39-e061-4e96-804f-3ca367f17560
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 11:02:28 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5c40c7a7-59ce-4ad8-8e35-a514ac59c66b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D23063136%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 psrvzv53h6p9.js Show response
js.driftt.com/include/1628852700000/ 214 KB
61 KB 301ms
181ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1628852700000/psrvzv53h6p9.js

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

072d970388d4749ce871e59c751c809cbdb37e2ef0759086474a2246eb20c6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 20:05:11 GMT
server: nginx
etag: W/"e0db4a45ba2c59ce0a84e4a566e39d10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dD3Wp6LwV7eSis3Qw9nyssKu8PSKshsR
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CuPdHIR9kr9ulQr88gnjnyjo2quRps8sYtP4sBdPlJPxY_clqvBC8Q==

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-402085778

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c202020f185a48428149a3842101650920848f344dd358cd2483b7ca9862125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38995
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 11:02:27 GMT

GET
H2 200 tracker.js Show response
serve.nrich.ai/tracker/assets/ 2 KB
2 KB 168ms
53ms Script
text/javascript 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://serve.nrich.ai/tracker/assets/tracker.js?nto=nt

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

51.178.78.162 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3165917.ip-51-178-78.eu

Software

nginx/1.18.0 /

Resource Hash

a61baf5138a18e427b8a217aa49ddc20fa7423a14ddc970183e48b3c349f57a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: W/"9e3-DHC9kVsEpF1vWkdL5bkT+65W950"
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
expires: Fri, 13 Aug 2021 11:02:27 GMT

GET
H2 200 pa-60ae9298541c6000110000ec.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 149ms
123ms Script
application/javascript 2606:4700:10::6814:14ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-60ae9298541c6000110000ec.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ddb731042b267d08b669e92dc5f09702e414ed7d7419fbe69d90bb1ef2816ae

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 11 May 2021 14:01:36 GMT
server: cloudflare
etag: W/"609a8e40-1852"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 67e173881cf9dfbf-FRA
expires: Fri, 13 Aug 2021 11:07:27 GMT

GET
H2 200 0cTSBp93HBv6BrdL3Ez9 Show response
ws.zoominfo.com/pixel/ 0
490 B 257ms
216ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/0cTSBp93HBv6BrdL3Ez9

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 67e173882f7905c4-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0

GET
H/1.1 200
OK smart.js Show response
meta.resetdigital.co/Scripts/ 1 KB
1 KB 418ms
137ms Script
application/json 172.106.112.186
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.resetdigital.co/Scripts/smart.js?px=1000120
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.106.112.186 Ashburn, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: /
Resource Hash: 6298cb1d092e2b5987f4278b65b7118ecbaef5183c39fb92a414e25074fd70d6

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 1305
Content-Type: application/json

GET
H/1.1 200
OK analytics.js Show response
app.fivetier.com/buyandplace/api/analytics/ 2 KB
3 KB 564ms
138ms Script
application/javascript 34.198.11.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.fivetier.com/buyandplace/api/analytics/analytics.js?_=1628852547828
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.11.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-11-176.compute-1.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash: 140dd7a5fc4ab13d6133263a04e26edc808d31fca4b30ae7a6071486e449982a

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 11:02:28 GMT
Last-Modified: Wed, 05 Feb 2020 15:08:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "8c7-59dd5889ae240"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2247

GET
H2 200 init-1445zv3iyiltd06pq6bk.js Show response
api.fouanalytics.com/api/ 469 B
984 B 215ms
186ms Script
text/javascript 2606:4700:3036::ac43:c834
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1445zv3iyiltd06pq6bk.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZNP9W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c834 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841ab9e45f28771e4184ecb3b7943a290399092d2deead6a335882901b5b4dd0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgMld1J%2BjfNDrXirKjZ8f%2FzQ4x98jVt6ltWngvUuT82nM2dZkDuYfvXpkQfrEhIgt%2FWXHfjamn6AzEzLp725SMYn50vaoG13oX%2B1JDh2EbaEKr1GdJab5SbJzY0ClgQjd2XqQGNU0NSQaP%2FA1oWnSYPrOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 67e17389096242f7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: -1

GET
H2 200 activityi;register_conversion=1;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F
10697569.fls.doubleclick.net/ 0
0 54ms
53ms Image
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10697569.fls.doubleclick.net/activityi;register_conversion=1;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F?
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK tag
udxsva.com/ 43 B
194 B 566ms
132ms Image
image/gif 205.235.84.161
IMDC-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udxsva.com/tag?id=21144
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.235.84.161 , United States, ASN62947 (IMDC-AS1, US),
Reverse DNS
Software: Jetty(9.4.z-SNAPSHOT) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 11:02:28 GMT
Server: Jetty(9.4.z-SNAPSHOT)
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 81 KB
26 KB 49ms
18ms Script
application/javascript 2606:4700::6811:81ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/3412011.js?ver=1628704393
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14

Request headers

Origin: https://www.dailypay.com
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
via: 1.1 c974a69619205281e0e6b8e73f95e4b5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 80786
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.243/bundles/project.js&cfRay=67d9bf39ea62145a-EWR
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 67e173894c621f2d-FRA
last-modified: Mon, 26 Jul 2021 08:57:16 UTC
server: cloudflare
etag: W/"71e1b9bc533ea0484715e256cd176305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: B7tJDnPGhJYQnx9vLunWV_JVNjkGgLI4
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: AKIFegwwh5jRcwvaQCo_LA9unajCW_McPVtAKGF8TcmBRuzlt-YWdQ==
x-hs-target-asset: collected-forms-embed-js/static-1.243/bundles/project.js

GET
H2 200 3412011.js Show response
js.hs-banner.com/ 60 KB
16 KB 439ms
406ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3412011.js
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/3412011.js?ver=1628704393
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b0a522258b5dfed2e79cbfc67a24a21008b540965ed81468708fb8e463ad99

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 3YFJ964QEGVP6GVQ
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: oZKqJQB/BeKNj86MLiuvIzJLdsKkMbHaUrU04b0ME8gWW7rL3YaTw5Rv7tsoDKoTltz1G49zh/E=
timing-allow-origin: *
last-modified: Wed, 14 Jul 2021 14:41:45 GMT
server: cloudflare
etag: W/"610f0427390f65b9280edd4d9fd204bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: i40S33REY.3VClviZn5HwFmfysAcBvee
access-control-allow-origin: https://www.dailypay.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 67e173899fabc2f4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 13 Aug 2021 11:07:28 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 52ms
25ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/3412011.js?ver=1628704393
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61804551df4850738aa4af379b154e46c0bcb9c200a2d2dc5e845ee702948c19

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
via: 1.1 ba82151bf51e4c722c5305c983d8b71e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 404
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.240/bundles/pixels-release.js&cfRay=67e169ac988a4e79-EWR
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 10 Aug 2021 02:40:31 UTC
server: cloudflare
etag: W/"8ee0488507384d951abdd5a2c4850b8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: CrG.3GFsy7oo.WK92RlW399Ge142Cqti
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 67e173898c95dfeb-FRA
x-amz-cf-id: lfd4UdNQMDN3VEtJcptbrxEhyBDIBNU-kePYGYr0bkNeisqONc3eWg==
x-hs-target-asset: adsscriptloaderstatic/static-1.240/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 81 KB
21 KB 39ms
15ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/3412011.js?ver=1628704393
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135a9fc420876da9eea0a7b20e0fe74ac6584ebd5825c60b73c02276d2fdf89c

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
via: 1.1 4db130e87be66fce9731567ae0669c56.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 409
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9098/bundles/project.js&cfRay=67e1698d897905c4-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 03 Aug 2021 02:13:13 UTC
server: cloudflare
etag: W/"caab0be0604bbddfdb01545112c2586d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 8S0mOLs9KUVy4fQykk6DGr.U0QPaTXhy
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 67e17389ab314e1a-FRA
x-amz-cf-id: QyWV8cdZuxJ0bvxFcDBYaTiVezsloLmIrDtUfFdzjYdte-5glC9DyQ==
x-hs-target-asset: conversations-embed/static-1.9098/bundles/project.js

GET
H2 200 3412011.js Show response
js.hs-analytics.net/analytics/1628704200000/ 62 KB
20 KB 170ms
146ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1628704200000/3412011.js
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/3412011.js?ver=1628704393
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3023bc662e8805484d9429483a370124fb33ebd118929fd3c0e30b728f213d

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: AZFXMJKBPGY2RMCP
x-amz-server-side-encryption: AES256
cf-ray: 67e17389eb2a2b12-FRA
x-amz-id-2: NlmtuDrsUelgGQBnyqjqD+Pt3JpgK3VJ8b8dMHOvrYoKwZYFoyEIcDGffvPV6L/7X6lFlKeX4xM=
last-modified: Mon, 19 Jul 2021 14:36:46 GMT
server: cloudflare
etag: W/"d7b3bc3b74ab4422ced844c375a8fb5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Fri, 13 Aug 2021 11:07:28 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 471 KB
85 KB 38ms
22ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/3412011.js?ver=1628704393
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdb27a10cec577751f00fa25c98d4082b9a52895e49cf6b80deaf53019f2f927

Request headers

Origin: https://www.dailypay.com
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
via: 1.1 e89d95d090c0c86ecc7b8930e434625d.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 75502
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1039/bundle/main/lead-flows-release.js&cfRay=67da40392e90176e-EWR
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 67e17389e9fd4a9d-FRA
last-modified: Mon, 26 Jul 2021 08:52:37 UTC
server: cloudflare
etag: W/"65aba871d204f4d2a23911fffe5b9333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: xfPAs8WuoRmduLV_FDghm3Gjwdwpto33
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: DuIqB-9bc-mAyA4Gx7H9wTMLGv9SAcR7AnPJKQmEvny-gsxN_uMCiw==
x-hs-target-asset: lead-flows-js/static-1.1039/bundle/main/lead-flows-release.js

GET
H2 200 11.1.323.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 37ms
14ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Requested by: Host: d6s3i7h4.rocketcdn.me
URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/pages/scripts/0095/1799.js?ver=1628704393
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714cafff07c401d54cda0b09af30d81dd5e3e2bc5891556168366fcc771a5bc4

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jul 2021 13:13:31 GMT
server: cloudflare
age: 1454441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 67e17388284d05dc-FRA
content-length: 21471

GET
H2 200 lftracker_v1_ywVkO4X6KKO8Z6Bj.js Show response
sc.lfeeder.com/ 20 KB
8 KB 65ms
17ms Script
application/javascript 2600:9000:20eb:ae00:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_ywVkO4X6KKO8Z6Bj.js
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ae00:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e3ff5d45ecb3673636e3511023435ce39223c918b3b112ca3095014ebc87ef6

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0HaEJrUIuDQlGBD7vFCxCHNkuDi8ZtJg
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 09:42:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"3e506006572eb65793c3a845a5effb8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Fri, 13 Aug 2021 11:02:28 GMT
x-amz-cf-id: Mlo0O4ny7OT9jaP80nDoyeC5mUGexV4U-vvW9YChkrCSui2-EQzOlA==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=857135078&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailypay.com%2F&ul=en-us&de=UTF-8&dt=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1185353772&gjid=324439758&cid=738022258.1628852548&tid=UA-68122528-11&_gid=1804197226.1628852548&_r=1&gtm=2wg8b0WFZNP9W&z=1351923738

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dailypay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=857135078&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailypay.com%2F&ul=en-us&de=UTF-8&dt=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=854318489&gjid=544089339&cid=738022258.1628852548&tid=UA-68122528-1&_gid=1804197226.1628852548&_r=1&gtm=2wg8b0WFZNP9W&z=1494559782

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dailypay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 499808610217646 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 134ms
132ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/499808610217646?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76e278271388fb1b19619db09aa45a9c2b30f7e991785cf52e12d9c779c1e01d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: vBFuE5MAfDG/gt6n3Ru5WUYP/WwqH/kkivcNHrPXSIei1qq7x3TAMM2P3y396F6K8gumy7W++ofwq1RI8JLIKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 13 Aug 2021 11:02:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-68122528-11&cid=738022258.1628852548&jid=1185353772&gjid=324439758&_gid=1804197226.1628852548&_u=YEBAAEAAAAAAAC~&z=288921993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 13 Aug 2021 11:02:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.dailypay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-68122528-1&cid=738022258.1628852548&jid=854318489&gjid=544089339&_gid=1804197226.1628852548&_u=YEDAAEABAAAAAC~&z=111587880

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 13 Aug 2021 11:02:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.dailypay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1799.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0095/ 244 B
262 B 23ms
21ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0095/1799.json?t=452459
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e1f4b735ee96a99d3b77e25cfe5c1b82be7848b33dfa83b0164879ec84b2c87

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7192
ce-version: 11.1.323
content-length: 170
timing-allow-origin: *
last-modified: Fri, 13 Aug 2021 09:02:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 67e173888ad0535d-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
113 B 22ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-68122528-11&cid=738022258.1628852548&jid=1185353772&_u=YEBAAEAAAAAAAC~&z=1867048665

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
18ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-68122528-11&cid=738022258.1628852548&jid=1185353772&_u=YEBAAEAAAAAAAC~&z=1867048665

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 21ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-68122528-1&cid=738022258.1628852548&jid=854318489&_u=YEDAAEABAAAAAC~&z=726232347

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
18ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-68122528-1&cid=738022258.1628852548&jid=854318489&_u=YEDAAEABAAAAAC~&z=726232347

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.89cd5bf4.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 193ms
192ms Script
application/javascript 2a02:26f0:6c00:29e::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:29e::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "6deee3ea7ecc4a5d9687c1bd57018c16"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 35d58860-2.16.186.230
accept-ranges: bytes
content-length: 17418
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/940724836/ 2 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940724836/?random=1628852547964&cv=9&fst=1628852547964&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8b0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

173d1f2dbc34a9c6fdcaf06412c2ed8593dcfffa384149bed25d5f976f506514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1010
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/708243707/ 2 KB
1 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708243707/?random=1628852547968&cv=9&fst=1628852547968&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ed7bb27ace84c32fd60785c52a9c68d16f8d938fb89da8fcfd8c25f6f0ab02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1032
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 64449d77-308f-4897-a609-5ffcc167c70c Show response
serve.nrich.ai/tracker/ 1 KB
1 KB 187ms
67ms XHR
text/html 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://serve.nrich.ai/tracker/64449d77-308f-4897-a609-5ffcc167c70c?nauid=&cb=0.01195611982578626

Requested by

Host: serve.nrich.ai
URL: https://serve.nrich.ai/tracker/assets/tracker.js?nto=nt

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

51.178.78.162 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3165917.ip-51-178-78.eu

Software

nginx/1.18.0 /

Resource Hash

0454862ee119e07048037411768e8b84b47652f8c7d6b1dd8bfdad509399036b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-xss-protection: 1; mode=block
server: nginx/1.18.0
etag: W/"520-ilHg6Udngajd7W6tLGkJfN3StcI"
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
expires: Fri, 13 Aug 2021 11:02:28 GMT

POST
H2 202 event Show response
gw.oribi.io/ 0
408 B 612ms
203ms XHR
text/plain 44.239.184.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.oribi.io/event
Requested by: Host: cdn.oribi.io
URL: https://cdn.oribi.io/XzI0NTIyOTk3NA/oribi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.184.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-184-180.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailypay.com
date: Fri, 13 Aug 2021 11:02:28 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
x-application-context: application
content-type: text/plain

GET
H3-29 200 1344263099073052 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 153ms
152ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1344263099073052?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72be96bb1787f1dd7e6feb7d77363ad867b3be5da7b29399dd4f0bd58f3d0aba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: iUvZphiuEl5pcVHJIkMFCPGUMWr0MH/X5vJ+2wo04sZHfScb8XYvLrkSnrzuY8sNdi1tAlxHgFzN1Vdo2r77Ug==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 13 Aug 2021 11:02:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 14ms
13ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=499808610217646&ev=PageView&dl=https%3A%2F%2Fwww.dailypay.com%2F&rl=&if=false&ts=1628852548144&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628852548143.652958321&it=1628852547914&coo=false&rqm=GET

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 13 Aug 2021 11:02:28 GMT

GET
H2 200 dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 27B3 483 B
472 B 42ms
33ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F

Requested by

Host: 10697569.fls.doubleclick.net
URL: https://10697569.fls.doubleclick.net/activityi;dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f85b7688cf780569fc434ca6ef98b3b2a2bd72ecac611765aa611fe9e9e68bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10697569.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10697569.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 11:02:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 259 B
1 KB 156ms
142ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3412011&conversations-embed=static-1.9098&mobile=false&messagesUtk=f17ae542d2e64035ac5e3635f40b24de&traceId=f17ae542d2e64035ac5e3635f40b24de

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51dbcd2504f0b925a94584143544136f12bc543df919e18eccb148fc50345473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailypay.com/

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 823f820e-1200-45b7-a8cb-ccc448e6542e
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 205
server: cloudflare
x-trace: 2B064CD93D74328B6C413DA2B321DFD7030BC08236000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UXlV%2B8Yr%2BwUgbtD9abPKnrZ8K64iDujkQ19e%2BY7lMg8wMANYbY%2BQ2Lxf%2BoN8IjlrM3S75kFQUuNrWTWKTlaiU3nKuPADvGM3rBYnuLmvZWkIVUe5UtvoFzwZMoGz2cuc7G5vwABmhxGL8qW0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.dailypay.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 67e1738b68e7d6c9-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 148ms
127ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.dailypay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 67e1738a7c3e4e31-FRA
access-control-allow-origin: https://www.dailypay.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: c956e185-f6a6-4c78-81c3-497f72466843
x-trace: 2B10542DB2AAA4BF88E2162379054CC4A36473FAD3000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Duehntjxglj7G3AfHX7AXmSPGR0qEq3qGay0j%2Fz90ICD%2BQBwNCunUH%2FfYAdGyJfR17ULnSg2t7qHXis4PN5XN1jU1u%2BhN4LRKQjcEv4JtOAQ9cOngBLGe03WehB7aOecAvHE29fp3HZbc4LomQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
505 B 132ms
111ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 5fc6e998-0720-42f8-b661-8efe55a5926d
x-trace: 2B0E3C2009EF5D1D7E1F5367EFFD20E28DBD88A324000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 67e1738a98afd6c1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35

GET
H2 200 / Show response
tag.nrich.ai/learning/v1/ 43 KB
14 KB 90ms
82ms Script
text/javascript 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.nrich.ai/learning/v1/?ltid=446e0d71-3b98-470c-a7b0-83e6760edc8d&ip_area_id=48659&lead=&client_id=1235
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 / Express
Resource Hash: b62028a95d4be4e6faf57aa2a07a2e0591533abb5251794dc00ca37c259ee0d6

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
etag: W/"abd8-V0tmoWNTdWqDxqrzjEmpsKi0dss"
server: nginx/1.18.0
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
cache-control: public, max-age=86400, no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
front-end-https: on

GET
H2 200 / Show response
ct.pinterest.com/user/ 443 B
561 B 239ms
96ms XHR
application/json 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613667073768&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1628852548266
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45eb4a06b8ac41231cacdee781d6a1175ed0dc544c3982b708305b281feaaab3

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.dailypay.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU1HTTFZamM1WVRJdE1UVmhPUzAwWlRZM0xXRTBPREl0TXpFME56RTNaalpsWlRVMA
x-pinterest-rid: 1210238200356477
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 331
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
246 B 227ms
95ms Image
image/gif 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613667073768&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.dailypay.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1628852548268
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1181159903299226
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 16 KB
16 KB 815ms
383ms Script
application/javascript 54.184.88.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.js
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.184.88.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-184-88-159.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash: 0744184a06c1c638519583ffd097ac94380d7a8e2a6ce3f8be92de87755fa75a

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
last-modified: Fri, 13 Aug 2021 00:43:13 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
accept-ranges: bytes
etag: "40ef-5c96622eabe1e"
content-length: 16623
content-type: application/javascript

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/940724836/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/940724836/?random=1628852547964&cv=9&fst=1628852400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&async=1&fmt=3&is_vtc=1&random=2365021304&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/940724836/ 42 B
64 B 31ms
29ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/940724836/?random=1628852547964&cv=9&fst=1628852400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8b0&sendb=1&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&async=1&fmt=3&is_vtc=1&random=2365021304&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F Show response
10697569.fls.doubleclick.net/ddm/fls/r/ Frame 67A7
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.daily...
https://10697569.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2F...

377 B
313 B

56ms
53ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10697569.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

19c22bf10c9eaf7ff28627528eb6a1af265ff88f00e4bdc8027565da93b9c67a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10697569.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpKoIW1H99XAGkBrO5Byf4gKY8hhWj57XDR8E1trmFsJFbUh01SDdfAig5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 11:02:28 GMT
expires: Fri, 13 Aug 2021 11:02:28 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 13 Aug 2021 11:02:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://10697569.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/708243707/ 42 B
64 B 35ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/708243707/?random=1628852547968&cv=9&fst=1628852400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&async=1&fmt=3&is_vtc=1&random=1547237961&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/708243707/ 42 B
64 B 28ms
18ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/708243707/?random=1628852547968&cv=9&fst=1628852400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&async=1&fmt=3&is_vtc=1&random=1547237961&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 922206921880804 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 133ms
131ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/922206921880804?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b6e3379669d670c5769d462bf90919917c092adcdd1da3b5d04b712f5d15153

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: D6PXj14uPx99sr9CXB7LZ1x1nBGkZl/zp0/Gt8Is2fkfSA4VFW11If1HAmeP1YREq9mzUU7AUUuHsmIHCwvtQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 13 Aug 2021 11:02:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 27ms
26ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1344263099073052&ev=PageView&dl=https%3A%2F%2Fwww.dailypay.com%2F&rl=&if=false&ts=1628852548359&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628852548143.652958321&it=1628852547914&coo=false&rqm=GET

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 13 Aug 2021 11:02:28 GMT

GET
H2 200 renderRequiredTags Show response
audience.nrich.ai/audience/v1/ 8 KB
4 KB 72ms
58ms Script
text/javascript 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://audience.nrich.ai/audience/v1/renderRequiredTags?ltid=446e0d71-3b98-470c-a7b0-83e6760edc8d&ip_area_id=48659&client_id=1235&type=tracking
Requested by: Host: tag.nrich.ai
URL: https://tag.nrich.ai/learning/v1/?ltid=446e0d71-3b98-470c-a7b0-83e6760edc8d&ip_area_id=48659&lead=&client_id=1235
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 / Express
Resource Hash: 26fc6333bf544e0ee8663f3c2f987520023c10610fb98cb99f6f4b89199f8a3a

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/402085778/ 2 KB
1 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/402085778/?random=1628852548470&cv=9&fst=1628852548470&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6db36d490bdd6ae773c8d5683355e7a765f01b2ac7decacc6e03743f7c8f4578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1034
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK smart
meta.resetdigital.co/ 0
244 B 138ms
137ms Image
text/html 172.106.112.186
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meta.resetdigital.co/smart?px=1000120&k=&t=On%20Demand%20Pay%20Provider%20|%20DailyPay&d=An%20on-demand%20pay%20platform%20that%20delivers%20early%20access%20to%20earned%20wages%20and%20works%20with%20all%20HR/HCM/payroll%20systems.&email=&purl=https%3A%2F%2Fwww.dailypay.com%2F
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.106.112.186 Ashburn, United States, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/html

GET
H2 200 /
bpi.rtactivate.com/tag/ 43 B
109 B 483ms
180ms Image
image/gif 52.201.132.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=20784&user_id=
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.132.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-132-210.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 pp.js Show response
api-54-218-243-92.b2c.com/s/ 13 KB
5 KB 59ms
23ms Script
text/javascript 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-54-218-243-92.b2c.com/s/pp.js
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebc49e883a573dd0f1ee42a9c60d8a01420005131962dc533bad78f10a91f4d8

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 18:50:29 GMT
server: cloudflare
age: 868
etag: W/"6101a6f5-3305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHCdGsdy3eLMU7PVxw6IjeV3oy2Huv1VSb9ckltMMBqUw%2BeoCe104kpaJVdMfd3J4J6MHrDjbRz4vh4LNdRAhkyYgTlDg0Gw08PVSiMrjXF9PvBgpQqi6r3XopPVAJCypOX6tQ9GVpGGSoajBPhGbKQxyqN1rlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67e1738c2a8e4e8b-FRA

POST
H2 202 event Show response
gw.oribi.io/ 0
408 B 254ms
201ms XHR
text/plain 44.239.184.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.oribi.io/event
Requested by: Host: cdn.oribi.io
URL: https://cdn.oribi.io/XzI0NTIyOTk3NA/oribi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.184.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-184-180.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailypay.com
date: Fri, 13 Aug 2021 11:02:28 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
x-application-context: application
content-type: text/plain

GET
H2 200 pixel
tag.nrich.ai/learning/v1/ 49 B
793 B 79ms
79ms Image
image/gif 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.nrich.ai/learning/v1/pixel?ltid=446e0d71-3b98-470c-a7b0-83e6760edc8d&is_test=false&en=TRACKING&ncid=1235&ntid=64449d77-308f-4897-a609-5ffcc167c70c&ipAreaId=48659&ipAreaIsUsedProfile=false&ipAreaIpId=48659&ipAreaCompanyId=&ipAreaCompanyIpId=&cookieless=false&bwidth=1600&bheight=1200&swidth=1600&sheight=1200&url=https%3A%2F%2Fwww.dailypay.com%2F&ref=https%3A%2F%2Fwww.dailypay.com%2F&timezone=120&_=1628852548476
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.019194
date: Fri, 13 Aug 2021 11:02:28 GMT
server: nginx/1.18.0
front-end-https: on
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
cache-control: private, no-cache
content-transfer-encoding: binary
content-disposition: inline; filename="blank.gif"
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
x-request-id: b1929a91-1e10-473e-9b4f-74cf01d5ff08

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/157se82/ub6s8qh/ Frame A422
Redirect Chain

https://insight.adsrvr.org/tags/157se82/ub6s8qh/iframe
https://d1eoo1tco6rr5e.cloudfront.net/157se82/ub6s8qh/iframe

138 B
629 B

183ms
49ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/157se82/ub6s8qh/iframe
Requested by: Host: 10697569.fls.doubleclick.net
URL: https://10697569.fls.doubleclick.net/ddm/fls/r/dc_pre=CJPTjMzsrfICFc3a3god_CsCyA;src=10697569;type=ret;cat=retar0;ord=9023490088708;gtm=2wg8b0;auiddc=1958521168.1628852548;ps=1;~oref=https%3A%2F%2Fwww.dailypay.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a07668c57414467599e4b6f7ce14acd56f06c16976e1bf7d1613f2f0cf6794c5

Request headers

Host: d1eoo1tco6rr5e.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://10697569.fls.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10697569.fls.doubleclick.net/

Response headers

Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Last-Modified: Tue, 09 Mar 2021 02:20:52 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 12 Aug 2021 16:57:13 GMT
Cache-Control: max-age=86400
ETag: "69b6620877ad37f13ca20d7d8665b9e1"
X-Cache: Hit from cloudfront
Via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: RY_O9ygrEQqJoN04a5H5tzC1PVQzb51UxSevE02mW8DnGcDZRlv_wg==
Age: 65116

Redirect headers

date: Fri, 13 Aug 2021 11:02:28 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/157se82/ub6s8qh/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
198 B 225ms
93ms XHR
text/plain 199.232.80.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1759900644650807
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/402085778/ 42 B
64 B 24ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/402085778/?random=1628852548470&cv=9&fst=1628852400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&async=1&fmt=3&is_vtc=1&random=2880665393&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/402085778/ 42 B
64 B 21ms
19ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/402085778/?random=1628852548470&cv=9&fst=1628852400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&async=1&fmt=3&is_vtc=1&random=2880665393&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 130282684270839 Show response
connect.facebook.net/signals/config/ 256 KB
73 KB 14ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/130282684270839?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3d1e70960dabeed1c3a4972b441919c50e10932f74d45bfec195c528608171e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74895
x-xss-protection: 0
pragma: public
x-fb-debug: phX/D4KoHkmnIx+bEt5EZsZkcHAfa9nAKodZubxTT/Vi3U8cPb/lGmaQXbdREJYcUJ1n/cZKVJtzIm/CEE+omw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 13 Aug 2021 11:02:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
12ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=922206921880804&ev=PageView&dl=https%3A%2F%2Fwww.dailypay.com%2F&rl=&if=false&ts=1628852548528&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628852548143.652958321&it=1628852547914&coo=false&rqm=GET

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 13 Aug 2021 11:02:28 GMT

GET
H2 200 ad.gif
api-54-218-243-92.b2c.com/api/ 43 B
384 B 188ms
188ms Image
image/gif 2606:4700:20::ac43:44a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-54-218-243-92.b2c.com/api/ad.gif
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2B3G6SrHTNy23fBVBHZ0k3nsBjjepAUXN%2BG7PXA115W6%2BowVCUmfFz%2FZ%2FFw%2FfJm%2FNxKjQBFbQ9NlfJ3J99nth0Kk3rHoq7o6%2B0Ajz7149jqiHSZkgOKIe5yVcrNuz7a6577utyZtv%2FV55TP%2BOqUxqtHPZ7BSXDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
cf-ray: 67e1738cbbc74e8b-FRA
content-length: 43

GET
H2 200 sync_result
tag.nrich.ai/learning/v1/ 49 B
556 B 65ms
65ms Image
image/gif 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.nrich.ai/learning/v1/sync_result?client_id=-1&type=fb
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.002703
date: Fri, 13 Aug 2021 11:02:28 GMT
server: nginx/1.18.0
front-end-https: on
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
cache-control: private, no-cache
content-transfer-encoding: binary
content-disposition: inline; filename="blank.gif"
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
x-request-id: ae694d72-680e-4f1b-bb76-f6bd37f4381e

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 14ms
14ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=499808610217646&ev=TRACKING&dl=https%3A%2F%2Fwww.dailypay.com%2F&rl=&if=false&ts=1628852548624&cd[event]=TRACKING&cd[ipAreaId]=48659&cd[segmentIds]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628852548143.652958321&it=1628852547914&coo=false&rqm=GET

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 13 Aug 2021 11:02:28 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 15ms
14ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1344263099073052&ev=TRACKING&dl=https%3A%2F%2Fwww.dailypay.com%2F&rl=&if=false&ts=1628852548626&cd[event]=TRACKING&cd[ipAreaId]=48659&cd[segmentIds]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628852548143.652958321&it=1628852547914&coo=false&rqm=GET

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 13 Aug 2021 11:02:28 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 15ms
15ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=922206921880804&ev=TRACKING&dl=https%3A%2F%2Fwww.dailypay.com%2F&rl=&if=false&ts=1628852548626&cd[event]=TRACKING&cd[ipAreaId]=48659&cd[segmentIds]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628852548143.652958321&it=1628852547914&coo=false&rqm=GET

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 13 Aug 2021 11:02:28 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 15ms
15ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=130282684270839&ev=TRACKING&dl=https%3A%2F%2Fwww.dailypay.com%2F&rl=&if=false&ts=1628852548627&cd[event]=TRACKING&cd[ipAreaId]=48659&cd[segmentIds]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628852548143.652958321&it=1628852547914&coo=false&rqm=GET

Requested by

Host: www.dailypay.com
URL: https://www.dailypay.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 13 Aug 2021 11:02:28 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 12ms
12ms Ping
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVggKRA4qJihpU76s

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 13 Aug 2021 11:02:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.dailypay.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 12ms
12ms Ping
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarycJA3UaGUs2lRxfeB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 13 Aug 2021 11:02:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.dailypay.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1

200
OK

4 Show response
v4-api-54-218-243-92.b2c.com/api/
Redirect Chain

https://api-54-218-243-92.b2c.com/api/x?VqRemB2nw3QEHJAB$dXJsJDAkaHR0cHM6Ly93d3cuZGFpbHlwYXkuY29tLyIsInJlZmVycmVyJDAkIiwiYW5jZXN0b3JPcmlnaW5zJDAkIiwidmlkZW8kMCQxNjAweDEyMDB4MjQiLCJmcmFtZSQwJDAiLCJo...
https://v4-api-54-218-243-92.b2c.com:444/api/4?VqRemB2nw3QEHJAB

43 B
441 B

628ms
210ms

XHR
image/gif

54.218.243.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-54-218-243-92.b2c.com:444/api/4?VqRemB2nw3QEHJAB
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.218.243.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-243-92.us-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 11:02:29 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: -1

Redirect headers

date: Fri, 13 Aug 2021 11:02:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-54-218-243-92.b2c.com:444/api/4?VqRemB2nw3QEHJAB
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: https://www.dailypay.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2oG7IBrju4IZoHCsV3zvSmKuTAhEg2ns6r5dY7AqwtDjJA1frYJvw4m5v%2F6pUN3TUUrCT85upHVM%2FrcO%2FeAkMe8uO7yy0LefhUBWkYUtSKw%2B8n2E0YRnnRWB6iTxKHWW9VS49dUE2Dtz64PdGuzAM%2BduhLnfmc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 67e1738eecf42b29-FRA

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame A422 70 B
260 B 64ms
64ms Image
image/gif 34.255.138.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=157se82&ct=0:ub6s8qh&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/157se82/ub6s8qh/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.138.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-138-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 12ms
12ms Ping
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLwGKEwu4CAvxM6YZ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 13 Aug 2021 11:02:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.dailypay.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 96 B
512 B 245ms
245ms XHR
text/html 54.184.88.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.php?acctTag=fyteaq39280&tz=-120&ref=&u=https%3A%2F%2Fwww.dailypay.com%2F&t=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&lc=null&anon=0&vin=null
Requested by: Host: app.leadsrx.com
URL: https://app.leadsrx.com/visitor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.184.88.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-184-88-159.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: aa9044960523bfd36cb53b32bb9ab19243f952c5514770307971e5e7cb783eec

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailypay.com
date: Fri, 13 Aug 2021 11:02:29 GMT
access-control-allow-credentials: true
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
x-powered-by: PHP/5.6.40
content-length: 96
content-type: text/html; charset=utf-8

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
12ms Ping
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarysm0rd6BwJccx2xtB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 13 Aug 2021 11:02:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.dailypay.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 idsSync
audience.nrich.ai/audience/v1/mas/ 0
387 B 54ms
54ms Image
text/plain 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audience.nrich.ai/audience/v1/mas/idsSync?clientId=1235&mas%5Beloqua%5D=&mas%5Bmarketo%5D=&mas%5Bhubspot%5D=&mas%5Bpardot%5D=
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:29 GMT
server: nginx/1.18.0
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 add
tag.nrich.ai/learning/v1/pixel/ 49 B
556 B 58ms
55ms Image
image/gif 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.nrich.ai/learning/v1/pixel/add?ltid=446e0d71-3b98-470c-a7b0-83e6760edc8d&visdur=0&engdur=0&&cookieless=false&_=1628852550479
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.002152
date: Fri, 13 Aug 2021 11:02:30 GMT
server: nginx/1.18.0
front-end-https: on
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
cache-control: private, no-cache
content-transfer-encoding: binary
content-disposition: inline; filename="blank.gif"
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
x-request-id: 056482aa-cbb9-477e-b6c8-270036a1c083

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311138&time=1628852551487&url=https%3A%2F%2Fwww.dailypay.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1311138%26time%3D1628852551487%26url%3Dhttps%253A%252F%252Fwww.dailypay.com%252F%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1311138&time=1628852551487&url=https%3A%2F%2Fwww.dailypay.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1311138&time=1628852551487&url=https%3A%2F%2Fwww.dailypay.com%2F&liSync=true&e_ipv6=AQI35cHkOwL55QAAAXs_LYHdMs_Tss0FxcyHm9-qRRReXvzxGullBPLRHMrLD...

0
155 B

612ms
294ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1311138&time=1628852551487&url=https%3A%2F%2Fwww.dailypay.com%2F&liSync=true&e_ipv6=AQI35cHkOwL55QAAAXs_LYHdMs_Tss0FxcyHm9-qRRReXvzxGullBPLRHMrLD-poB1t8TTqG
Requested by: Host: www.dailypay.com
URL: https://www.dailypay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:32 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: sNQVP8TYmhYQfca/mSsAAA==

Redirect headers

date: Fri, 13 Aug 2021 11:02:32 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1311138&time=1628852551487&url=https%3A%2F%2Fwww.dailypay.com%2F&liSync=true&e_ipv6=AQI35cHkOwL55QAAAXs_LYHdMs_Tss0FxcyHm9-qRRReXvzxGullBPLRHMrLD-poB1t8TTqG
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: StUUIsTYmhagE2ZlaisAAA==

GET
H2 200 core Show response
js.driftt.com/ Frame F540 2 KB
1 KB 172ms
171ms Document
text/html 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1628852700000/psrvzv53h6p9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a09776a1fda8c67f72cddaa5a219c26067e1d3d39b86d121d3fc3f3ee67ad675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailypay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailypay.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 20:04:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: KHIFjah2BnoIJADTuMzMPvFLU8QZhvg2
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 13 Aug 2021 11:02:32 GMT
cache-control: no-cache
etag: W/"6fad0278d758e15234d6f1fb15ccab39"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WuSNblxN4whKPmK-fJL84HpRwt85SdVmhMTMs-WiZTYxyW2NbCAyYw==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 52B5 2 KB
1 KB 151ms
150ms Document
text/html 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1628852700000/psrvzv53h6p9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a09776a1fda8c67f72cddaa5a219c26067e1d3d39b86d121d3fc3f3ee67ad675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailypay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dailypay.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 12 Aug 2021 20:04:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: KHIFjah2BnoIJADTuMzMPvFLU8QZhvg2
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 13 Aug 2021 11:02:32 GMT
cache-control: no-cache
etag: W/"6fad0278d758e15234d6f1fb15ccab39"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: exT-1cBROBMrhvJ7XaETEFapfAOJVmnBVgRjMsyKU4qgRwh02R8xMQ==

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 615ms
159ms Preflight
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.dailypay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.dailypay.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Fri, 13 Aug 2021 11:02:33 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
242 B 149ms
148ms XHR
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20288003387.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.dailypay.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 13 Aug 2021 11:02:33 GMT
Content-Type: text/plain

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
799 B 46ms
27ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=3412011&ct=standard-page&rcu=https%3A%2F%2Fwww.dailypay.com%2F&pu=https%3A%2F%2Fwww.dailypay.com%2F&t=On+Demand+Pay+Provider+%7C+DailyPay&cts=1628852552865&vi=7262c49a2cc9830cddc6d0e8d4e6191f&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:32 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3fc058db-f076-4c59-9119-7eb3b5632b20
cf-ray: 67e173a78a082b95-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJyJNDTnFDcaATCG1%2FCup66ShiPOWvGyG7cpYOY5CwQv5ggsEKTFyXqHH6DC57idvsp0TgbzIQjhRWmCgECxOte5oDZR9J%2FBI1c8JZgOzK03rQ0wXzgj8oabPSzSzBdCSEyQGbalReGC5iGwqXEy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 141 B
983 B 144ms
125ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3412011

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856cf73b9133597292c88443664e702ede004ec35c10ba7962d5feb52b1f3d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2d450f1e-d593-45f0-9a8e-83afac73f329
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
x-trace: 2BA2C740BBE85D7DD977E7A2EA4BB66FE388228052000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2k%2Fjm7Q1aGmDJ%2BtFUdJN%2F%2F1O9I%2Bx6EPyToG%2F7Oq2UxyMIErKq4X6AdiuL%2FWKbCPer2IhDErE0uqbvy61yVyu179jfm6%2FDmpSYFX1q8NqnBwK%2B7hXCZ%2Bdy5YZw2Y1%2BbSf26WifXK0J21UJtF"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.dailypay.com
access-control-allow-credentials: false
cf-ray: 67e173a798d94a61-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
639 B 145ms
142ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3412011&utk=7262c49a2cc9830cddc6d0e8d4e6191f&__hstc=165511968.7262c49a2cc9830cddc6d0e8d4e6191f.1628852552861.1628852552861.1628852552861.1&__hssc=165511968.1.1628852552862&currentUrl=https%3A%2F%2Fwww.dailypay.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f6b3562b238baf5a7ccfeecdeb2a2178dcf1ec50e002ad64490842695f4a5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 035fcf32-054f-4162-b3ed-6512dac3bbf6
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMgU1CvSW0xhD5eH8z%2Fq0HJ3Hd3f8v2FZ7ytv12%2BBdYAq6lMkNSo%2BS9PvgVbEKaQfiV5wg4MxyzEeb9e37%2BRdlKfMyRY%2BcnTfOwDYEHAlhcvrb%2FLHWMi62Q117mx973Xgx7bexg0emmkTkJ17LhL"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.dailypay.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 67e173a78e5f4e31-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 269ms
66ms XHR
text/plain 34.253.150.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=60ae9298541c6000110000ec&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=167&cE=202&dLE=167&dLS=167&fS=162&hS=182&rE=-1&rS=-1&reS=202&resS=223&resE=227&uEE=-1&uES=-1&dL=226&dI=996&dCLES=1191&dCLEE=1198&dC=6279&lES=6290&lEE=6310&s=nt&title=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&path=https%3A%2F%2Fwww.dailypay.com%2F&ref=&sId=hw7ne8sa&sST=1628852552&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-60ae9298541c6000110000ec.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.150.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-150-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 13 Aug 2021 11:02:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-658176328

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3febccce63b280d51fe0a022516b247833b506c685cb35175e6ca2d4b77b2a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38992
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 11:02:33 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-658176328&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-708243707

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e217cfef3766a5cf20d530925f8dfffb73f252c42e0713b94595adbf6f34130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39001
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Aug 2021 11:02:33 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 14ms
13ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=130282684270839&ev=PageView&dl=https%3A%2F%2Fwww.dailypay.com%2F&rl=&if=false&ts=1628852553021&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1628852548143.652958321&it=1628852547914&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 13 Aug 2021 11:02:33 GMT

GET
H2 200 runtime~main.b7a5ac57.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 6 KB
3 KB 48ms
47ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ed9265d4430018d8bb280ca8d841151bc59cec06355fa5126e9e24c608db417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:58 GMT
content-encoding: gzip
age: 53855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:14 GMT
server: nginx
etag: W/"818ba16af105d5fa96add38b94447adf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wdcQGICfAoVynv_Q4s1geJs9yBEk2v38
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HogIFb3HOK6XRxlfx1oiA4DwjJp-RqDF8aV2glcSDHzrBhVG8ahpcg==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 58 KB
20 KB 53ms
52ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 00:17:01 GMT
content-encoding: gzip
age: 557132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iBvjiHLh7kgNbZm12iPoguAzLwN2NAMgFM3cbz-Jc7buWy_JvD3OtQ==

GET
H2 200 main~493df0b3.6a891983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 6 KB
3 KB 55ms
54ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.6a891983.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:27 GMT
server: nginx
etag: W/"31470d5e039dd5d20457533806f15f82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4on25oB445WeNX23BljWSRDX2DgBIfh3
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EirD4bZcfN_rfLpnGaxHdiPC3o5eyFu3rjyBHHqOQ8nUW4HHGwDkNQ==

GET
H2 200 runtime~main.b7a5ac57.js Show response
js.driftt.com/core/assets/js/ Frame F540 6 KB
3 KB 48ms
47ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ed9265d4430018d8bb280ca8d841151bc59cec06355fa5126e9e24c608db417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:58 GMT
content-encoding: gzip
age: 53855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:14 GMT
server: nginx
etag: W/"818ba16af105d5fa96add38b94447adf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wdcQGICfAoVynv_Q4s1geJs9yBEk2v38
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dpxoBCftvBThRalRvH_a5JtFdv3wpXmVxZ5sBXIBuo9NX0nEd0lXKA==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 58 KB
20 KB 59ms
58ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 00:17:01 GMT
content-encoding: gzip
age: 557132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 20fWIueLwDzlpbtyvV8HJSND2BY5hMKfXPgIoG-7S67fHAEnYNHHPQ==

GET
H2 200 main~493df0b3.6a891983.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 6 KB
3 KB 61ms
61ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.6a891983.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:27 GMT
server: nginx
etag: W/"31470d5e039dd5d20457533806f15f82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4on25oB445WeNX23BljWSRDX2DgBIfh3
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d2n9rD3gf6G_7tOxgY3LN5P_2Fnw0PzX2r9bX4vP1shFwWYVXWsUyA==

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 65ms
63ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658176328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 11:02:33 GMT

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 44 KB
13 KB 59ms
50ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 2405040
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wpNCifPQaUlxrOgJa46zGYUj4md1C9d5aapD7pOIGCEvFkYiRo620g==

GET
H2 200 18.9c5cc161.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 44 KB
13 KB 64ms
57ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 759933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"9628e411ea23d2bee3311d3ce5be363c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gKLNlue.uzN77IPXPW_MnMmQxrKeoE2X
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OMU8S81beo-gRui7J5jZ03nJPluZtM0pC746HZtSBBQ7o6qgebB7Vg==

GET
H2 200 34.73f521ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 25 KB
8 KB 65ms
58ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.73f521ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 759933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"d69dcbbb307d841744f818ddc6861a56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jp8CuiDazFvZSYli910XK68x2F8gkbyt
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qzZtBl7mMfblo9KJm3k2vANmb4JuH_l2gONHGicHlEsaDYfY8RjD0w==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 16 KB
5 KB 67ms
59ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q0TH-NZT9pp7Kf6Z_ix9VhfC2S46C_DP3QlgF-7HfpDRrQWVvdKLxA==

GET
H2 200 16.257925d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 83 KB
26 KB 69ms
62ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.257925d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"e01f689afdf7b5830142f42ae4ee09bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9beqkj8VSI6eAcjaIi_Gh2CsKspyGkMp
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JsR6x_6AQ3fBPrMbwAdlq8GzRwWSkdo3GktzG8xS58ozQQJ8ozf2Tw==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 59 KB
19 KB 81ms
74ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nKQh5OuATGcKhk1MB7PnaTnsykFMoMkoXc-WXa2bfMMeWJf-xXvzzQ==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 91 KB
28 KB 84ms
77ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 00:17:01 GMT
content-encoding: gzip
age: 557132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: e1xuQBsU_XwmUA932pcF3g0tv8wGhV1lxr0xc81robr8EOZrjmUBvA==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 23 KB
7 KB 92ms
85ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NTEMgCFXHgY3yxGzzah0TLH5v8gG76kLKU9Oq-oCgTuueNIKWv-laQ==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 62 KB
19 KB 100ms
93ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Uczkyfg5DbMZc2kWN9MquwShpOy8jsUiEOYbuscdoYZzyk5CRk7nqg==

GET
H2 200 39.a5b56347.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 105 KB
34 KB 102ms
95ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.a5b56347.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 759933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"838b1df72227501d09348b5af290c40a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eEwBi4Gr92N2FILUHMD4W69ZILAjLoGe
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xUxtiO3QFy2X4lo0QdjKAmD7bpxwBj60XLR26iav0DPqR5yOoEYdkw==

GET
H2 200 32.f0210426.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 12 KB
4 KB 118ms
111ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.f0210426.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"2a252030aae2ea989e972f252034bfc3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yFE6TMHTKBR2MeahX77xuFFC6uywsPre
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YlTTB5CeqtHiCxyYR2dytsdSWZ-GOZLLFhjjr3UnOgTQa3-HMEeP_w==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 12 KB
5 KB 118ms
112ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jxGTo0RuF-IjEmyoi7CoWVpn5inGbVyZZiVFDm6rzkkW26PpgefQXw==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 17 KB
7 KB 123ms
116ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: go5bgLz1uqH1mXEw3Tl.DlYL4V5K21A_
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8iuIdmIYA6gkXfmIBgKfbx-8eUnOHp6_ym910zBA00-h8HjJchKWfA==

GET
H2 200 7.004395ae.chunk.css
js.driftt.com/core/assets/css/ Frame 52B5 11 KB
3 KB 51ms
46ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.004395ae.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 67543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"559577b02e08d038ea08b39691db92db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SSjK0M1BkHlo.72r.TJWo50rv3d0Fwcn
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: j20r3xCXywrmVeVwxoqmJ832Ld12pp3e9oLPTOx46p74oVfoIrTP5Q==

GET
H2 200 7.275375de.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 70 KB
21 KB 125ms
119ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.275375de.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 65741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:55 GMT
server: nginx
etag: W/"9d7219a0a1173ab931a3cbf999911624"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ihGrkvo0yI_eKU9llvi4uXbGAevlAwa_
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XWGSv2hKZFj40V9WDNTSHMR3ut441AJ4oHgvn7acLXZKt3jgh1a4rQ==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 52B5 24 B
665 B 81ms
76ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mWQ_4nsxZ9MWS6er90oB4fGaV4I0uuUyoGsI4bVRyNflqHGAZRm0VA==

GET
H2 200 14.304dd045.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 70 KB
18 KB 131ms
126ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.304dd045.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 65741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"87e4ec92f99844d9567d7b6b63e4427f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvm51Pu_m9MdwNnlRKhZQYk68cVBc23O
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PwNqHzKS69Dt10GrWBj92pcj07n2B66rV7DmmxhdTZGVxLiY3bXvrw==

GET
H2 200 21.dfc7462a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 43 KB
12 KB 131ms
126ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.dfc7462a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 65741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"8b0844eac1933fab73d67b6b12749f99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j_RfUwVYV76uZYYXPaIyploQ0XIevKCY
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s1-fbd_3c8P-TplH-eIISCO9dxo4fqtWoMuRlQCrAI1OgqEHvId8IQ==

GET
H2 200 13.89b6cd8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 37 KB
12 KB 133ms
128ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.89b6cd8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

3d0010c521e94cd527b7be41aa7481d19bdd6598899cb61505d9ae2eda39af54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:59 GMT
content-encoding: gzip
age: 53854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:11 GMT
server: nginx
etag: W/"58da3454a438861dfbac69e3f6f2b077"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qEgjNXMR5sE_A0wlEecGarRiSrP4dy3X
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i0Ydu4Oagcl1TzaYwpK8XtjrJ1V3X06VAnMx6apRIWqOZPyrDWK3Uw==

GET
H2 200 41.5ac1924a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 44 KB
13 KB 120ms
118ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:58:33 GMT
content-encoding: gzip
age: 2405040
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 16 Jul 2021 14:40:29 GMT
server: nginx
etag: W/"27492691be2f532304605f9b1f52707d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fjHErLkQGuw8KCHe6nsXBZY1ZP6a0E9m
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9ESLhzVP5T2T0DUPI1yN6hV9x4jHxbTUeDyX8fH4lVtWE79nPnBQsQ==

GET
H2 200 18.9c5cc161.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 44 KB
13 KB 121ms
118ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 759933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"9628e411ea23d2bee3311d3ce5be363c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gKLNlue.uzN77IPXPW_MnMmQxrKeoE2X
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jwi46zk9cVYgtWboSrWNpBQ2yg_QwMiM86vlSnfBbTvnFuiIS6bdtg==

GET
H2 200 34.73f521ad.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 25 KB
8 KB 122ms
120ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.73f521ad.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 759933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"d69dcbbb307d841744f818ddc6861a56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jp8CuiDazFvZSYli910XK68x2F8gkbyt
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kXJY3xtQcpDbIgpAHuxOUUgALHv7AD26itwfeUwRmAigAfpOqrshAA==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 16 KB
5 KB 123ms
121ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5uRB5HXeDsmu_ReRaJgQTT4_v2AYpoS1Wgfc86eXX5OrKbUzdGeF3w==

GET
H2 200 16.257925d8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 83 KB
26 KB 123ms
117ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.257925d8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"e01f689afdf7b5830142f42ae4ee09bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9beqkj8VSI6eAcjaIi_Gh2CsKspyGkMp
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JfUeGywijoKtIghZL0Nv0NnvlEyzB3oUhuE9VpEqm_-Y3vcWLTgXNg==

GET
H2 200 22.3cdbe392.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 59 KB
19 KB 132ms
127ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.3cdbe392.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"7f2ec762df0bb02422b2b6a96490de86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y2Fsxlxg91.mo6q6kJR67dQNB9q9Qh.8
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1W_G_LXfmmCfcmdZSZznyCiaHANzfNVFBBuSCO9XGobsnLPcUtEsaw==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 91 KB
28 KB 133ms
126ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 00:17:01 GMT
content-encoding: gzip
age: 557132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UOl6S4j5SMc3.AEsWYEwY54XYaImySKe
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QdERNe9zcDFiYJRwNF2NJqOIMnakVIXADL1k-rstu8VHBLklxSiASQ==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 23 KB
7 KB 135ms
128ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QrGiHk9r-0-FFonUXHR2eNIznTpNSxSMR1DOTGr9CXsKaGBTc-e_Qw==

GET
H2 200 12.d1052a14.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 62 KB
19 KB 136ms
129ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d1052a14.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"6f74e88fed60d2dd5a602a0de2bd8452"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _b0FYDX.3mAxA0VaBf8nhWaHS5Vbtsw1
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ENnLBQeYakVkdlDxKRTI9p2iteVD5GI5rJyE7JpEVETF90WcjUO57Q==

GET
H2 200 39.a5b56347.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 105 KB
34 KB 136ms
130ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.a5b56347.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 759933
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"838b1df72227501d09348b5af290c40a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eEwBi4Gr92N2FILUHMD4W69ZILAjLoGe
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RuHFzSokVQkbOL1seR20RLNL5N3okMp1QRiG1IxvVVXH4NAIw5cndQ==

GET
H2 200 32.f0210426.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 12 KB
4 KB 138ms
133ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.f0210426.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"2a252030aae2ea989e972f252034bfc3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: yFE6TMHTKBR2MeahX77xuFFC6uywsPre
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jFEBHRzpUsZ4ZJ2xyF94jFQzGpWiudiRZD7GijFBKB004Tnm8yKSUA==

GET
H2 200 24.1ac10846.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 12 KB
5 KB 138ms
134ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1ac10846.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"ed02b913ca7386c5bb0fab4ab1a2f1d9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ECrPa9YL6VZ.qrMe7G2XlZ51U2QcbWo3
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p4VuTh_bRJK0_E-erRWuCMrYqIV1J7m9uSgV9RkjV91cOQ70gjj8Hw==

GET
H2 200 17.6c3c965c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 17 KB
7 KB 137ms
134ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.6c3c965c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"b0b166b8ed88c90ea3dc07661d0dcff4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: go5bgLz1uqH1mXEw3Tl.DlYL4V5K21A_
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HkNZR-GWpJur1Gw4QvfYiXgcdVnow4lSy63i17O51LtqaEz9P-wh3g==

GET
H2 200 7.004395ae.chunk.css
js.driftt.com/core/assets/css/ Frame F540 11 KB
3 KB 139ms
136ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.004395ae.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 67543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"559577b02e08d038ea08b39691db92db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SSjK0M1BkHlo.72r.TJWo50rv3d0Fwcn
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -nSaY-7Pbu2Oj3rsdftCQ4JmpUKKdD1MrV2dzdzRLp3e5sS68Jh9dQ==

GET
H2 200 7.275375de.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 70 KB
21 KB 140ms
138ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.275375de.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 65741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:55 GMT
server: nginx
etag: W/"9d7219a0a1173ab931a3cbf999911624"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ihGrkvo0yI_eKU9llvi4uXbGAevlAwa_
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: a7Xv5zPeGSokcks8KCMm-Tp9p4WTZRkmZq1-qZpN54waXpUMPzMRfQ==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame F540 24 B
665 B 139ms
137ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GmB7D_vzmPS2AhiSE5kQjQRsoIGilDCZ00DaOGe-UBFvsoFD_vBkJQ==

GET
H2 200 14.304dd045.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 70 KB
18 KB 140ms
138ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.304dd045.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 65741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"87e4ec92f99844d9567d7b6b63e4427f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bvm51Pu_m9MdwNnlRKhZQYk68cVBc23O
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CWzuSmPrq-02gCH6lgG__UM4ixuR5xg3tnjhC5EYXcJYnkRqx8osAw==

GET
H2 200 21.dfc7462a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 43 KB
12 KB 154ms
153ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.dfc7462a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 65741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"8b0844eac1933fab73d67b6b12749f99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: j_RfUwVYV76uZYYXPaIyploQ0XIevKCY
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AVLHpxh0CT0eN31Av0OCCtX3ph4J1-Jja_fSDH4c41G1iMWJuVKswQ==

GET
H2 200 13.89b6cd8f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 37 KB
12 KB 155ms
154ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.89b6cd8f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

3d0010c521e94cd527b7be41aa7481d19bdd6598899cb61505d9ae2eda39af54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:59 GMT
content-encoding: gzip
age: 53854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:11 GMT
server: nginx
etag: W/"58da3454a438861dfbac69e3f6f2b077"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qEgjNXMR5sE_A0wlEecGarRiSrP4dy3X
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GZw9_AM2QG9OUGB0tNqrCMCxy_5N9SBy0_E9JaUYyB9kJiEwXJtOqQ==

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658176328/ 2 KB
1 KB 44ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658176328/?random=1628852553150&cv=9&fst=1628852553150&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee048472b1f26749c3694b9244a2210026a0cd4f783208248742f8ca1416e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1035
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/658176328/ 42 B
64 B 23ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658176328/?random=1628852553150&cv=9&fst=1628852400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&async=1&fmt=3&is_vtc=1&random=1990905519&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/658176328/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658176328/?random=1628852553150&cv=9&fst=1628852400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8b0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dailypay.com%2F&tiba=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&async=1&fmt=3&is_vtc=1&random=1990905519&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 11:02:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame 52B5 2 B
403 B 450ms
150ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 11:02:33 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 30.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame 52B5 6 KB
1 KB 47ms
46ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 15:29:47 GMT
content-encoding: gzip
age: 3871966
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 29 Jun 2021 15:10:44 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fetckuyHy7tVJ3YvictsA_agqEVkirdd
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: svxdM681cszGbHpdmdcbvkhJUJ-G6_c1vyv4lptyuB25lVakeycPGQ==

GET
H2 200 30.5070bbde.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 2 KB
2 KB 47ms
47ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.5070bbde.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"a4c169519747a3283936a635381e7676"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: CFPUVjYb649i3kVl6K_oER41eqaej1oX
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I9WBcf1l4cLd5GuJWVEIpnsfoSVU4s_KrkTkXEc7zVKQbNC3vIZuFw==

GET
H2 200 idsSync
audience.nrich.ai/audience/v1/mas/ 35 B
431 B 57ms
56ms Image
image/gif 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audience.nrich.ai/audience/v1/mas/idsSync?clientId=1235&mas%5Beloqua%5D=&mas%5Bmarketo%5D=&mas%5Bhubspot%5D=7262c49a2cc9830cddc6d0e8d4e6191f&mas%5Bpardot%5D=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:33 GMT
server: nginx/1.18.0
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H/1.1 200
OK / Show response
sentry.io/api/1485028/envelope/ Frame F540 2 B
403 B 487ms
154ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1485028/envelope/?sentry_key=6a7024aa4c6a4c4d9a797440877237b2&sentry_version=7

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 11:02:33 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://js.driftt.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 20.2c0861e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 44 KB
13 KB 75ms
74ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2c0861e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 759932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"c767d19b675d51ecfc93c77b8fa0f24d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U7TgEocsNTUyqtvAMfmAhBAaJWnrpVQx
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZzQBzTWK-6hFZGfShi0Ee1zImOWYtZqSoSHws1I9Za-xMtt7_hCN2g==

GET
H2 200 19.4751f621.chunk.css
js.driftt.com/core/assets/css/ Frame F540 8 KB
2 KB 76ms
75ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.4751f621.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 759932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:58 GMT
server: nginx
etag: W/"029a883905ad20930f71f89ac0560a17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N8v6pXkvkC2.KU.VFYkzepuu6NKNvxQ0
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vNZCY_kSDmSrlZuQzSdzubz_voD-FyXthRFfz_mY_0fUNmOo2oUGAA==

GET
H2 200 19.bf146149.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 15 KB
6 KB 75ms
75ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.bf146149.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

74a10bdeae0680612d7a944ebec7618f29c8d20a5c367927b0d719546b3e7e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 759932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:24:00 GMT
server: nginx
etag: W/"a1a0554918be1e889111d5b344851906"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WR7M3EbElNylsRkJC8hO7jHISaf37erg
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PtLfGiKYBfDCJbRK3JLjs4SBs7swgbafj2zNRCeu-_aUan0-3u1MjA==

GET
H2 200 26.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame F540 365 B
1007 B 76ms
75ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/26.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _znxfoUn6UUBgSii2qRzwRRP.d4zXKBH
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6RNjF65_CEqHpcUu4PVbxtxumIPjcJ3oTPAM611iVIuWVT1Ztu1ZbQ==

GET
H2 200 26.c06c9c65.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 77 KB
21 KB 86ms
85ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.c06c9c65.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fb9c428a31f569e81a50ececeea6179c15c23ae04323d1c4ffa597fca0c6689c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:46:52 GMT
content-encoding: gzip
age: 65741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 16:27:54 GMT
server: nginx
etag: W/"32819bafc45e451bdffdbeec3a123b8e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fNiA2YO1Y8D08aIOgr56t5Nl6vX8.0f7
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SOn622pCAP5oCzUraN7lGjTpj7KkJwRmeaCQhR3qQjxacQCbX5jZaw==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 52B5 7 KB
2 KB 72ms
70ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 3165472
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZJPSNQgntX8rhSkyFSJZN1hFTZzMPwLE-cekh4VyIAIhu0qOXNCc1w==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 54 KB
16 KB 72ms
71ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:01 GMT
content-encoding: gzip
age: 759932
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6LX4SsdMFOfjIKnm-04dFSoQ8kRUlndNXf_6Qf0uxHP5XqPRckJv4w==

GET
H2 200 0.d96f2542.chunk.css
js.driftt.com/core/assets/css/ Frame 52B5 39 KB
7 KB 71ms
70ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.d96f2542.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9e0a3c01cfa8ff75022fbbc9d6203baeb139b32da3a6d816fb88c52056bf0bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:16:50 GMT
content-encoding: gzip
age: 67543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:09:35 GMT
server: nginx
etag: W/"b4f7fd91fa3ccd73aeb2688b17c6fa11"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4QsbYDsOr2gMh8AzBgSQJycdf_cNiy5V
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vqWLbftAuha8nCWykX6s0tJAymaX-kHWD6Xc819mukFbz4x13GIE8g==

GET
H2 200 0.bdaa0679.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 59 KB
20 KB 73ms
72ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.bdaa0679.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

78f8fb3c2f1f7bdbfda489516bba2c7c7cfd61908104bc0f5680d20a3b5fd500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:04:59 GMT
content-encoding: gzip
age: 53854
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 19:36:10 GMT
server: nginx
etag: W/"6817cb0c6c41290178722ca6506410d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 7KD2hJe0ZUOHvn.nPtI.kSYE0PBYQyco
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D_t3xAGMzQZucMranfIwX6QxjwiksmD2BnK3F9htccqHS1RLPiuBlw==

GET
H2 200 28.55f88a7d.chunk.css
js.driftt.com/core/assets/css/ Frame 52B5 11 KB
2 KB 74ms
73ms Stylesheet
text/css 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.55f88a7d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: W/"a1edc67f80fa4d2930e0e949b8c47368"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: s7EnEI9BxpvdcrCDALBwrAEOxiEZt_Ad
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: burKH2c6twMQuTC1oHFwgshlkfsFAeYkRYuxpiDJ9Lt7kDzrOrvdDw==

GET
H2 200 28.8afe478b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 11 KB
5 KB 74ms
74ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.8afe478b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6d441ffc2a8afd48b6c1d05988aecd664f36021739c916c207b1eca144caae70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:18 GMT
content-encoding: gzip
age: 574215
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"09e18c7798d522e01840d4f263591af0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: etkYcrBQlfN8U2IMxEHm6.hSYLgOyCP4
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i0TMwiZZ4oGlCIxq8BcGKtZE1xCL-mDveAeJOxEUFkTVpLjDNU60Lw==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame F540 25 B
123 B 149ms
149ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 11:02:34 GMT
server: istio-envoy
requestid: 201f5de77e68650a
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 429ms
138ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:34 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift1f5a0164504b4cb3afba252ca78
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 css
fonts.googleapis.com/ Frame F540 4 KB
751 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.89b6cd8f.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:43:43 GMT
server: ESF
date: Fri, 13 Aug 2021 11:02:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 11:02:33 GMT

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame F540 103 B
200 B 141ms
141ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

4706094d1b3e101355f118ea853d39bb897f0a6b27da276a8c6fbb28f8169ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 11:02:34 GMT
server: istio-envoy
requestid: 1b5b117f61c99eac
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 103
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 412ms
132ms Preflight
text/plain 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:34 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift757b75f4bbdb83bc8902f811260
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 psrvzv53h6p9.json Show response
embeds.driftcdn.com/embeds/ Frame F540 35 KB
8 KB 566ms
446ms XHR
application/json 13.224.193.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/psrvzv53h6p9.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f67b4727e366fdbcac265c2ec93a09416c4334d8d7360ea5b37b2665ecb4b515

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:35 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 09:48:42 GMT
server: AmazonS3
etag: W/"cd3a91aeb7913bdabd14c16c35c1c55d"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: m1cishR44aaeZxQ_6g5GiFsodGfGzbMZU7qbF1sOHJcSfVMGPrD_nQ==

GET
H2 200 add
tag.nrich.ai/learning/v1/pixel/ 49 B
556 B 56ms
55ms Image
image/gif 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.nrich.ai/learning/v1/pixel/add?ltid=446e0d71-3b98-470c-a7b0-83e6760edc8d&visdur=0&engdur=0&&cookieless=false&_=1628852554479
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.002694
date: Fri, 13 Aug 2021 11:02:34 GMT
server: nginx/1.18.0
front-end-https: on
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
cache-control: private, no-cache
content-transfer-encoding: binary
content-disposition: inline; filename="blank.gif"
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
x-request-id: 49e31702-353e-4988-817a-5d22660eb7ac

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame F540 4 KB
2 KB 545ms
545ms XHR
application/json 34.193.113.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-113-164.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

5606c9983bb4922c41fb701ca56ff3d79f327b5ff463574911a58c32d08bb9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Aug 2021 11:02:35 GMT
content-encoding: gzip
server: istio-envoy
requestid: 8d1d99ec5bcc953e
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 413
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1760
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 psrvzv53h6p9 Show response
targeting.api.drift.com/hours/availability/combined/ Frame F540 40 B
103 B 153ms
153ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/psrvzv53h6p9

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

dd4115970a44fd799fd72e5caabc9e78cf1662f83d73ae82aeaeddb53c696cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjkzNTI3MDIzODY2Njc1MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NzA4NDciLCJleHAiOjE2NjAzODg1NTUsImlhdCI6MTYyODg1MjU1NX0.JviullkPBesX20tnCYlPC-rkeyJP9Q5hbrhraqp0exEuYgGvhp-mvzH-Uzm-HtDBBEqStaPy_FV9Zj84WGeQSA

Response headers

date: Fri, 13 Aug 2021 11:02:35 GMT
server: istio-envoy
requestid: e60d9704c0e1d02b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 40
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 psrvzv53h6p9
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 164ms
152ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/psrvzv53h6p9

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:35 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: drifte87f60b464698616f2e319805e5
content-length: 18
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 track Show response
event.api.drift.com/ Frame F540 565 B
992 B 136ms
135ms XHR
application/json 34.234.150.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.150.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-150-139.compute-1.amazonaws.com

Software

Resource Hash

521aa04f9405bbc7d072a7845f038eb2f7e4c171632edd640182db983c3a06e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjkzNTI3MDIzODY2Njc1MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NzA4NDciLCJleHAiOjE2NjAzODg1NTUsImlhdCI6MTYyODg1MjU1NX0.JviullkPBesX20tnCYlPC-rkeyJP9Q5hbrhraqp0exEuYgGvhp-mvzH-Uzm-HtDBBEqStaPy_FV9Zj84WGeQSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 11:02:36 GMT
requestid: 541960de5623f4da
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 565

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 418ms
134ms Preflight
text/plain 34.234.150.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

34.234.150.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-150-139.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:35 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift2dcb1a846f597061dca81b29f56

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame F540 17 KB
6 KB 47ms
47ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=psrvzv53h6p9&region=US&forceShow=false&skipCampaigns=false&sessionId=3a913113-e9bf-4420-be38-1544d3682880&sessionStarted=1628852552.848&campaignRefreshToken=cc9852d5-544a-481e-b177-0fd357145973&hideController=false&pageLoadStartTime=1628852546793&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 3174268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kZUwWHl3E7ZWRLcjaO1P8GFwsszg45R5ksAWAUCyJRl3zJ-VeJyyIg==

GET
H2 200 46.67acb4b4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 52B5 17 KB
6 KB 46ms
46ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/46.67acb4b4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b7a5ac57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1628852546793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 17:18:07 GMT
content-encoding: gzip
age: 3174268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:09 GMT
server: nginx
etag: W/"a31f16ddeb870cf86efd9070460b1ca5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HRF16KWFqyFRUpbi5VZWxhcRiBUrjrTa
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SWq3AG6LsrpMhPS1DxFzOGwHzg-ALcc40WtCwGcrLpNASpJmbcka4Q==

GET
H3-29 200 css
fonts.googleapis.com/ Frame 52B5 4 KB
643 B 26ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/13.89b6cd8f.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 10:03:52 GMT
server: ESF
date: Fri, 13 Aug 2021 11:02:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Aug 2021 11:02:35 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame F540 25 B
89 B 151ms
150ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjkzNTI3MDIzODY2Njc1MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NzA4NDciLCJleHAiOjE2NjAzODg1NTUsImlhdCI6MTYyODg1MjU1NX0.JviullkPBesX20tnCYlPC-rkeyJP9Q5hbrhraqp0exEuYgGvhp-mvzH-Uzm-HtDBBEqStaPy_FV9Zj84WGeQSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 11:02:35 GMT
server: istio-envoy
requestid: 1cc9114681567326
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 138ms
137ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:35 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftf890b1041e9a4e0b367ef3aebef
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 52B5 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
age: 297159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:56 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ Frame 52B5 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
age: 297159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:56 GMT

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 137ms
137ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:35 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift192123a4a70938ddc83c7c38214
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame F540 1 KB
475 B 137ms
136ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

8d0b66678e7a368d78185ab0f52b7ee1050c5402d5517dfbcadc75b3219b9741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjkzNTI3MDIzODY2Njc1MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NzA4NDciLCJleHAiOjE2NjAzODg1NTUsImlhdCI6MTYyODg1MjU1NX0.JviullkPBesX20tnCYlPC-rkeyJP9Q5hbrhraqp0exEuYgGvhp-mvzH-Uzm-HtDBBEqStaPy_FV9Zj84WGeQSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 11:02:36 GMT
content-encoding: gzip
server: istio-envoy
requestid: 7a18ddea367a3432
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 386
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 render_initial_v3 Show response
flow.api.drift.com/flows/ Frame F540 6 KB
3 KB 256ms
256ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f518d470d3efb89e271642513d7f8351cfffdcba142999a6f58c6b832f98229b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjkzNTI3MDIzODY2Njc1MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NzA4NDciLCJleHAiOjE2NjAzODg1NTUsImlhdCI6MTYyODg1MjU1NX0.JviullkPBesX20tnCYlPC-rkeyJP9Q5hbrhraqp0exEuYgGvhp-mvzH-Uzm-HtDBBEqStaPy_FV9Zj84WGeQSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 11:02:36 GMT
content-encoding: gzip
server: istio-envoy
requestid: 6594aa96c345f321
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 119
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2773
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 render_initial_v3
flow.api.drift.com/flows/ Frame 0
0 145ms
136ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://flow.api.drift.com/flows/render_initial_v3

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:36 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift8b4af714eacbbb314fb1b9766a1
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame F540 0
37 B 144ms
144ms XHR
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjkzNTI3MDIzODY2Njc1MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NzA4NDciLCJleHAiOjE2NjAzODg1NTUsImlhdCI6MTYyODg1MjU1NX0.JviullkPBesX20tnCYlPC-rkeyJP9Q5hbrhraqp0exEuYgGvhp-mvzH-Uzm-HtDBBEqStaPy_FV9Zj84WGeQSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 11:02:36 GMT
server: istio-envoy
requestid: 911953da7a2cd68c
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 8
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 136ms
136ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:36 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift393b33749729742c05e7efad1a5
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2147702%252F4deff29698e499ce4e720a1a303373133mhcd5uk39ts%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame F540 2 KB
3 KB 24ms
7ms Image
image/png 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F2147702%252F4deff29698e499ce4e720a1a303373133mhcd5uk39ts%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D7b60247dd80db915cbf259d956fa4a7e?fit=max&fm=png&h=200&w=200&s=8c47b9d32a9ccc912d7318ff5cd1f8f7

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

355ed9e29544418602adb7b73e2763ba43f4568c604cba38227a7c44255aa36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Jul 2021 11:24:44 GMT
server: imgix
age: 3195473
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: fc800a5697a477bdb57211f4d2e2accb7aa51e93
accept-ranges: bytes
content-length: 2465
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10030-SJC, cache-fra19177-FRA

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame F540 14 KB
14 KB 17ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:29:17 GMT
x-content-type-options: nosniff
age: 297199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:29:17 GMT

POST
H2 202 event Show response
gw.oribi.io/ 0
409 B 203ms
202ms XHR
text/plain 44.239.184.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.oribi.io/event
Requested by: Host: cdn.oribi.io
URL: https://cdn.oribi.io/XzI0NTIyOTk3NA/oribi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.184.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-184-180.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailypay.com
date: Fri, 13 Aug 2021 11:02:36 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
x-application-context: application
content-type: text/plain

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=857135078&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.dailypay.com%2F&ul=en-us&de=UTF-8&dt=On%20Demand%20Pay%20Provider%20%7C%20DailyPay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202040124&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=738022258.1628852548&tid=UA-68122528-11&_gid=1804197226.1628852548&gtm=2wg8b0WFZNP9W&z=1010108337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Aug 2021 00:49:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36780
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4.7e67eece.chunk.js Show response
js.driftt.com/conductor/assets/ 158 B
822 B 46ms
46ms Script
application/javascript 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/4.7e67eece.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1628852700000/psrvzv53h6p9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7060ccc4a800448d37027d5c6beb0084ad19061feb48a523e29ea1b7dbc1ae3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 19:13:12 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
age: 2216964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 158
last-modified: Fri, 16 Jul 2021 14:40:35 GMT
server: nginx
etag: "807a90e9d6c19e174f5905b1d130989a"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZvBIZeyXAm1q_4HZ9TAEOIAqb.wEU0hE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nB4YiHvynZzoVUsPD29YaD8pQXiZMltZkNmunHQgUDKnAyaxJ0SLvg==

GET
H2 206 notification.d46d7db1.mp3
js.driftt.com/conductor/assets/media/ 20 KB
21 KB 47ms
46ms Media
audio/mpeg 13.224.193.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/conductor/assets/media/notification.d46d7db1.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-114.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailypay.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 06 Jun 2021 14:32:50 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
age: 5862586
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-20896/20897
Content-Length: 20897
last-modified: Fri, 04 Jun 2021 17:53:43 GMT
server: nginx
etag: "d46d7db110874da77e094dcbc4bec8e6"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: U7flhdfKr0QXHG9OA6yGb8wuwdVVzMpn
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: audio/mpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uaAS2WtUv9Qk3st2M8CMOnRgVRRI45tu3VfqMK3Cm-i_OD-hdNvMRA==

GET
H2 200 idsSync
audience.nrich.ai/audience/v1/mas/ 0
387 B 56ms
55ms Image
text/plain 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audience.nrich.ai/audience/v1/mas/idsSync?clientId=1235&mas%5Beloqua%5D=&mas%5Bmarketo%5D=&mas%5Bhubspot%5D=&mas%5Bpardot%5D=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:02:37 GMT
server: nginx/1.18.0
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame F540 25 B
83 B 137ms
136ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/41.5ac1924a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNjkzNTI3MDIzODY2Njc1MiIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE0NzA4NDciLCJleHAiOjE2NjAzODg1NTUsImlhdCI6MTYyODg1MjU1NX0.JviullkPBesX20tnCYlPC-rkeyJP9Q5hbrhraqp0exEuYgGvhp-mvzH-Uzm-HtDBBEqStaPy_FV9Zj84WGeQSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Aug 2021 11:02:38 GMT
server: istio-envoy
requestid: ef69622215ed07e7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 137ms
136ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Aug 2021 11:02:38 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftf87b276442c9e1bec1db4852243
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 add
tag.nrich.ai/learning/v1/pixel/ 49 B
556 B 64ms
63ms Image
image/gif 51.178.78.162
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.nrich.ai/learning/v1/pixel/add?ltid=446e0d71-3b98-470c-a7b0-83e6760edc8d&visdur=0&engdur=0&&cookieless=false&_=1628852562480
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.178.78.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3165917.ip-51-178-78.eu
Software: nginx/1.18.0 /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

Referer: https://www.dailypay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.007542
date: Fri, 13 Aug 2021 11:02:42 GMT
server: nginx/1.18.0
front-end-https: on
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
cache-control: private, no-cache
content-transfer-encoding: binary
content-disposition: inline; filename="blank.gif"
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Content-Range,Range
x-request-id: 9342650e-5aa2-477f-894f-02f61ba192cb

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:49:08	Name: IDE Value: AHWqTUnpKoIW1H99XAGkBrO5Byf4gKY8hhWj57XDR8E1trmFsJFbUh01SDdfAig5
.dailypay.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.dailypay.com/	1970-01-20 05:49:08	Name: __hstc Value: 165511968.7262c49a2cc9830cddc6d0e8d4e6191f.1628852552861.1628852552861.1628852552861.1
www.dailypay.com/	1970-01-19 20:27:42	Name: pa Value: drift_campaign_refresh=cc9852d5-544a-481e-b177-0fd357145973%20drift_campaign_refresh%3Dcc9852d5-544a-481e-b177-0fd357145973%20drift_campaign_refresh%3Dcc9852d5-544a-481e-b177-0fd357145973%20drift_campaign_refresh%3Dcc9852d5-544a-481e-b177-0fd357145973&pa=sid%3Dhw7ne8sa%26sst%3D1628852552%26sis%3D1%26rv%3D0
.dailypay.com/	1970-01-20 05:13:08	Name: _lab Value: 460461593
.dailypay.com/	1970-01-20 13:58:44	Name: _ga Value: GA1.2.738022258.1628852548
.dailypay.com/	1970-01-19 22:37:08	Name: _fbp Value: fb.1.1628852548143.652958321
.dailypay.com/	1970-01-20 05:13:08	Name: _pin_unauth Value: dWlkPU1HTTFZamM1WVRJdE1UVmhPUzAwWlRZM0xXRTBPREl0TXpFME56RTNaalpsWlRVMA
.dailypay.com/	1970-01-19 20:27:34	Name: __hssc Value: 165511968.1.1628852552862
.dailypay.com/	1970-01-19 20:27:39	Name: oribi_session Value: 2aa6ddf3-39e0-c1df-041c-3a1f095bacaf
.dailypay.com/	1970-01-19 20:27:32	Name: _gat_UA-68122528-1 Value: 1
.dailypay.com/	1970-01-19 20:27:32	Name: _gat_UA-68122528-11 Value: 1
.dailypay.com/	1970-01-20 05:49:08	Name: hubspotutk Value: 7262c49a2cc9830cddc6d0e8d4e6191f
.dailypay.com/	1970-01-19 20:28:58	Name: _gid Value: GA1.2.1804197226.1628852548
.dailypay.com/	1970-01-20 05:13:08	Name: oribi_user_guid Value: 6aa57cef-98d4-f800-4a63-5a84917161ea
www.dailypay.com/	1970-01-19 20:27:34	Name: drift_campaign_refresh Value: cc9852d5-544a-481e-b177-0fd357145973
.dailypay.com/	1970-01-19 22:37:08	Name: _gcl_au Value: 1.1.1958521168.1628852548

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d6s3i7h4.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-sample
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-hero
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-wrap
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-quote
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-timeline-event
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-media-grid
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-press-links
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-bg-image
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-btn
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-title-desc-btn
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-testimonial-single > div:first-of-type
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-video
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-swiper
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-testimonial-swiper
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-contact
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-two-col-media
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-two-col-text
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .style-guide
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .check-wrap
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .input-wrap
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .radio-group
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .radio-wrap
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-accordion
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-accordion-item
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .select-wrap
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-phone-frame
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-phone-preview
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-three-col
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-list-item-with-icon
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-heading
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-animation-balloon
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-animation-app
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-animation-value
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-animation-stats
console-api	info	URL: https://d6s3i7h4.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/dailypay/dist/block-versions.js?ver=1628704393(Line 1) Message: block-versions - Verified .wp-block-dailypay-calculator
console-api	log	URL: https://app.fivetier.com/buyandplace/api/analytics/analytics.js?_=1628852547828(Line 82) Message: [AX] initialzed with client ID [ab9ebd57177b5106ad7879f0896685d4]
console-api	info	URL: https://js.driftt.com/core/assets/js/18.9c5cc161.chunk.js(Line 1) Message: DRIFT_WIDGET:: widget_core:bootstrap_api finished in 548.8000030517578 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10697569.fls.doubleclick.net
adservice.google.com
adservice.google.de
api-54-218-243-92.b2c.com
api.fouanalytics.com
api.hubapi.com
api.hubspot.com
app.fivetier.com
app.leadsrx.com
audience.nrich.ai
bootstrap.api.drift.com
bpi.rtactivate.com
cdn.optimizely.com
cdn.oribi.io
connect.facebook.net
ct.pinterest.com
d1eoo1tco6rr5e.cloudfront.net
d6s3i7h4.rocketcdn.me
dailypay.com
driftt.imgix.net
embeds.driftcdn.com
errors.client.optimizely.com
event.api.drift.com
flow.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
gw.oribi.io
insight.adsrvr.org
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
meta.resetdigital.co
metrics.api.drift.com
one.progmxs.com
px.ads.linkedin.com
px4.ads.linkedin.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.pinimg.com
sc.lfeeder.com
script.crazyegg.com
secure.adnxs.com
sentry.io
serve.nrich.ai
snap.licdn.com
stats.g.doubleclick.net
tag.nrich.ai
targeting.api.drift.com
track.hubspot.com
udxsva.com
use.fontawesome.com
v4-api-54-218-243-92.b2c.com
ws.zoominfo.com
www.dailypay.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
108.174.10.14
13.224.193.102
13.224.193.114
13.224.193.88
13.225.83.200
142.250.184.226
142.250.74.198
151.139.128.11
172.106.112.186
185.33.221.89
199.232.80.84
205.235.84.161
2600:9000:20eb:ae00:1f:f723:6fc0:93a1
2600:9000:21f3:3c00:1:f007:ac00:93a1
2600:9000:21f3:600:13:c079:7880:93a1
2606:4700:10::6814:14ef
2606:4700:20::ac43:44a1
2606:4700:3031::ac43:d645
2606:4700:3036::ac43:c834
2606:4700::6810:5505
2606:4700::6810:a852
2606:4700::6811:43b0
2606:4700::6811:70b0
2606:4700::6811:81ab
2606:4700::6811:b949
2606:4700::6811:cbcc
2606:4700::6811:d4cc
2606:4700::6811:e6cc
2606:4700::6811:edcc
2606:4700::6812:14bf
2606:4700::6813:9408
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:29e::1931
2a02:26f0:6c00:2a8::13b8
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42:3::720
3.225.10.210
3.94.218.138
34.193.113.164
34.198.11.176
34.234.150.139
34.253.150.6
34.255.138.57
35.188.42.15
44.239.184.180
51.178.78.162
52.201.132.210
54.184.88.159
54.218.243.92
68.67.153.53
0213ae7e866f5a46c1e2ce6a994b8467b92701c5994bd591a4dff8b6556eb21d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0454862ee119e07048037411768e8b84b47652f8c7d6b1dd8bfdad509399036b
072d970388d4749ce871e59c751c809cbdb37e2ef0759086474a2246eb20c6f6
0744184a06c1c638519583ffd097ac94380d7a8e2a6ce3f8be92de87755fa75a
096ed3704704ff3e2c60b3a25ccc6fb12cc0c12d68f907ad5b7744ce80ebb79c
09d6264d30448cb88492d48ed5a171dbb3c93a5cc736065455125f5dfdb732bc
0c2b5080c4e67713c96ad184c1f178e45e732b692f6d96c9f5b53d799446eec8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120e4befc3deec9035d64db22a1e067f60c8ecd3ff834d6313c10d685adbd82f
1336386616a05e47a33c5a4f189afe6eeb923faa6b7d0a4c55a153bfdf5cac7c
135a9fc420876da9eea0a7b20e0fe74ac6584ebd5825c60b73c02276d2fdf89c
140dd7a5fc4ab13d6133263a04e26edc808d31fca4b30ae7a6071486e449982a
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
173d1f2dbc34a9c6fdcaf06412c2ed8593dcfffa384149bed25d5f976f506514
192a267654ba7fd31dd793a79c30edcfc38ccb0d7ddcfae6bef10b650bb40d53
19c22bf10c9eaf7ff28627528eb6a1af265ff88f00e4bdc8027565da93b9c67a
1c13cae1474c6f83f58ac6487ddf176292d75a0ec83b04b3270f59de24fa9f8b
1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e
2454ec519e24ef9423ec7a339a25425d51d91098a1ea1f580b2fc84ec935d19d
24ff1d5e37c96e090fcd1dadc01f4381dbd837e5b24a5c43c278eae8eab47576
26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798
26fc6333bf544e0ee8663f3c2f987520023c10610fb98cb99f6f4b89199f8a3a
273393727ef04452568e9ced73b67fa49499d44c399d1e9110be6f5b05772f7d
2954ceda7923ba358931c4530bf0b3358c18ca6f4098a261aefad45c5cb65b4c
2b6e3379669d670c5769d462bf90919917c092adcdd1da3b5d04b712f5d15153
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2def1ce3460c6076cf341b0147cda956458ed980fdddd433050f2a62298f7e58
2e217cfef3766a5cf20d530925f8dfffb73f252c42e0713b94595adbf6f34130
2ecc475215078c3c041b860616a984cb0717bff065ad213b2568745a3ad91441
326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688
333ecde0d151fc74b510fff0433a0b40dbef50234eb79451830501869dd7233c
346d5677067b66df66edce6e6aba42394964c00e6de1daf7cda1005fdca27bef
353b5b09ca6eef4a400c0d86ecc622de05a44ce08727bd97a0d319d2cfd6f61a
355ed9e29544418602adb7b73e2763ba43f4568c604cba38227a7c44255aa36f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39df9debc8311c04abbf74b0745afde41d90f73b2533d5999aedd77f6b3cfee8
3a27199765d32a20e258230a3b512a7bfa3e57916208aacae05b5cdbb5326612
3b1a8f3b6f90faae30e65739ef166d60336c68e163c07e7f8a2a9df624493944
3d0010c521e94cd527b7be41aa7481d19bdd6598899cb61505d9ae2eda39af54
3febccce63b280d51fe0a022516b247833b506c685cb35175e6ca2d4b77b2a67
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45eb4a06b8ac41231cacdee781d6a1175ed0dc544c3982b708305b281feaaab3
4706094d1b3e101355f118ea853d39bb897f0a6b27da276a8c6fbb28f8169ed6
4c51f43c487e5e22fb10336d8b32974759eb82d14b2e2ee64f5889d33ad8c8e7
4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531
4f3023bc662e8805484d9429483a370124fb33ebd118929fd3c0e30b728f213d
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
50ad1dcb28e71542cbbfa3a3e03dcb2614164f5d23640455703e1c26af22bb25
51dbcd2504f0b925a94584143544136f12bc543df919e18eccb148fc50345473
521aa04f9405bbc7d072a7845f038eb2f7e4c171632edd640182db983c3a06e4
54be5bcc2d9b7eb9afe3a1a668947126c2852c18d8ed9a2aacf54eec723f92a4
5606c9983bb4922c41fb701ca56ff3d79f327b5ff463574911a58c32d08bb9ab
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61804551df4850738aa4af379b154e46c0bcb9c200a2d2dc5e845ee702948c19
6298cb1d092e2b5987f4278b65b7118ecbaef5183c39fb92a414e25074fd70d6
63724b7e3e4fc3e457c30303fbcfcbe678ac6f9eaf36b37a8ea46251656183fe
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cd835ad9ba0a8b3cc272146a9337465ce006a4d852eee02377aba6068ce4028
6d441ffc2a8afd48b6c1d05988aecd664f36021739c916c207b1eca144caae70
6db36d490bdd6ae773c8d5683355e7a765f01b2ac7decacc6e03743f7c8f4578
6e1f4b735ee96a99d3b77e25cfe5c1b82be7848b33dfa83b0164879ec84b2c87
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
6fba6498f954000601a3ead3dda11628c6e6e3fef44cf0563e69ca8dff7e7986
7060ccc4a800448d37027d5c6beb0084ad19061feb48a523e29ea1b7dbc1ae3b
714cafff07c401d54cda0b09af30d81dd5e3e2bc5891556168366fcc771a5bc4
72be96bb1787f1dd7e6feb7d77363ad867b3be5da7b29399dd4f0bd58f3d0aba
74a10bdeae0680612d7a944ebec7618f29c8d20a5c367927b0d719546b3e7e52
75445b43b4d587921fbd2d741058ff6591864fd072c55d32c06c24c5846c021b
7624f30c9e70e36751d7505cc475c452b5e3ddf28bea4812df168446fbab637f
76e278271388fb1b19619db09aa45a9c2b30f7e991785cf52e12d9c779c1e01d
78f8fb3c2f1f7bdbfda489516bba2c7c7cfd61908104bc0f5680d20a3b5fd500
7ee048472b1f26749c3694b9244a2210026a0cd4f783208248742f8ca1416e7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841ab9e45f28771e4184ecb3b7943a290399092d2deead6a335882901b5b4dd0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856cf73b9133597292c88443664e702ede004ec35c10ba7962d5feb52b1f3d72
85c5c79bc05a1c5f445565bba644ee13855c5eb59142f330cc4d3445727cb2d8
893cbd1c7cf6cb7ddcbe7f29a6018c58a3a965d757f797a64acfc7bb993a13db
8d0b66678e7a368d78185ab0f52b7ee1050c5402d5517dfbcadc75b3219b9741
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ddb731042b267d08b669e92dc5f09702e414ed7d7419fbe69d90bb1ef2816ae
8e3ff5d45ecb3673636e3511023435ce39223c918b3b112ca3095014ebc87ef6
8ef91f9b5a28c25cf58e40c5f161a2afd9dee1218127a78061bf2afd521c2b31
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6b3562b238baf5a7ccfeecdeb2a2178dcf1ec50e002ad64490842695f4a5d6
915c8c90ef2f05bbb55c993467d9caa44752dcd92d05438153c73a7d92380a7b
9ac29af6e30cf256f244bfd7a7fb1ecfa982b472347f97140724987895ae3898
9c202020f185a48428149a3842101650920848f344dd358cd2483b7ca9862125
9e0a3c01cfa8ff75022fbbc9d6203baeb139b32da3a6d816fb88c52056bf0bad
9ff4c650930a11cd94085038c0cc362610a0506e26cd3192e24b44ac707b9371
a07668c57414467599e4b6f7ce14acd56f06c16976e1bf7d1613f2f0cf6794c5
a09776a1fda8c67f72cddaa5a219c26067e1d3d39b86d121d3fc3f3ee67ad675
a0f28a7987a6aa42d4ca3ee6aa660457a4f431294368ebecf2c8dfa18ba62838
a231b7235698f95d9b3e38e7daf30c555e81423432a2b2b867a2cf844a5c8517
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a5ad436c025c2a03ccc5672aed9469ac98d22b73df5b1d20ed2adb46c0c4daf9
a61baf5138a18e427b8a217aa49ddc20fa7423a14ddc970183e48b3c349f57a5
aa9044960523bfd36cb53b32bb9ab19243f952c5514770307971e5e7cb783eec
ac0193ae883b29a482e01f54745f0ed87f65413dfc734d208b84756b18fe0938
ac455178a92afc5b5325eb8a7f800e97345ad9d13dcc89462a7b02dd51698c74
ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5
b09e3b9615210dde8e0f0594ec34271b5a9847d755de80f7c8459860fa6a380e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ee8b6a8c4c345e00dc1ffb79052349d247ada88fedee5ee5a478ba3d489a13
b554347fc0f8f4b75d541bd1860944ad456fa6298111690c6b583f55f1df3687
b62028a95d4be4e6faf57aa2a07a2e0591533abb5251794dc00ca37c259ee0d6
be12e5a690504a3aefb081c72c5f4a1d8d8700afe8ce34f3bc8fcbcd9a4bf6fe
c01803e337f0ea87dd36c5352cdba70255ecf0431eab5471fc2d70bfc0e199c4
c0b0a522258b5dfed2e79cbfc67a24a21008b540965ed81468708fb8e463ad99
c11c1afb99142bec1d7daf10e35e4d74a21c7b4c34c3a442a27bb12b72dd9144
c28ce968ad7620e618edd5f8954b0a88427743ce49a4beafa63daa26a61ab89c
c38c89ae0080defd23fd3622ed6633aefdd0f1652fbb17e9768043813fd1aaf4
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c4ed7bb27ace84c32fd60785c52a9c68d16f8d938fb89da8fcfd8c25f6f0ab02
c547a93e56880f2196a8e700259e4f78fff3242acac7f8a07c8d43056da9a57a
c570d6293e32320197f1aa033eb2b7d2d133a0623ef03b2f24d5d1f91681043b
c6d1749843e57b5ff1a94dfca0c1ade4af3b8cd3883c6a5d61e2542e02a4b571
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd
cdb27a10cec577751f00fa25c98d4082b9a52895e49cf6b80deaf53019f2f927
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d32253fe48c3258485420b89a4eb2497530a22f317d517b10b96cc8ed107f1f3
d3d1211071d1961b504b36fa6754a09c7feb9e2b923c53d41399166106c6878e
d3d1e70960dabeed1c3a4972b441919c50e10932f74d45bfec195c528608171e
d5577a65c198ab09f55a5f47dca9597330f735ea6a5a678a4a3aef8d3eadafc2
d57c9ea10eb85de4cc1f71452737728de84fc986ad19f1835d82aad6a814cfa6
d5cbce9ae2a59f8e39bf9e6fa44febca2aef2f86858b662269d23cc6ca41612b
d86af82c8a4169c552dd136df9e8fa09dc426777aea3d5516f5ccf5e80740b53
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd4115970a44fd799fd72e5caabc9e78cf1662f83d73ae82aeaeddb53c696cb3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6c38ab272af9d44cb5021bcb6e2ea26f42e4ce2b0bae5439fa53037bdd5260
e2bba27190184b02afab35babd97812d93cd3524fab60515585c742c93e498ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ebc49e883a573dd0f1ee42a9c60d8a01420005131962dc533bad78f10a91f4d8
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed55a5cfc340a4a8fbd57ba6300019ff837dbaaf9f1fe9b69570bc7af509f263
ed9265d4430018d8bb280ca8d841151bc59cec06355fa5126e9e24c608db417a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f407a7083dba1a7687aee65102759821ae006e009a3fdbbcc9cc5b93d6553ef8
f4326cd00e7da1b323da04df01f7de62b4c0c8b9cec38924829fff969b8e51a2
f518d470d3efb89e271642513d7f8351cfffdcba142999a6f58c6b832f98229b
f57c4be503d6f4ba9a0ca03dfcfc87094c35c51887a25669d84fbc5e5e701fbd
f67b4727e366fdbcac265c2ec93a09416c4334d8d7360ea5b37b2665ecb4b515
f7091ce8a9a66189bf5348e3af60a5705a9a6302f505339f051ad59ce894d568
f7b233fcd2f791b08a49d4df93cdc49bc84bbf75aaea1ae1ba7b7c6342c376b6
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14
f85b7688cf780569fc434ca6ef98b3b2a2bd72ecac611765aa611fe9e9e68bbf
f8706d7118388592f980c0f46bd80195970c0226e68c2f5695a388797a60a01a
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
f949aab507dd6820be4fcdcce2541c8bd2b455b0f818ab9f89225505f3cb4085
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fb9c428a31f569e81a50ececeea6179c15c23ae04323d1c4ffa597fca0c6689c
fd88d330b8b28310cd966efb0fe0137c7db51ae147d9b24d61a7019ad75a8bdf
fde247cb6279540b89d49510e8a03ab31a90b69d3da48d21268104cceead3848
fe47f22e3fc1c2249fec433edab6fa51acc3daccb2558204af5b2d627b2e6808

www.dailypay.com Open in urlscan Pro 2600:9000:21f3:3c00:1:f007:ac00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

100 %HTTPS

62 %IPv6

51 Domains

70 Subdomains

64 IPs

6 Countries

3103 kBTransfer

8809 kBSize

17 Cookies

7 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dailypay.com Open in urlscan Pro
2600:9000:21f3:3c00:1:f007:ac00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

100 %
HTTPS

62 %
IPv6

51
Domains

70
Subdomains

64
IPs

6
Countries

3103 kB
Transfer

8809 kB
Size

17
Cookies

256 HTTP transactions
0 data transactions