pay2day.ca Open in urlscan Pro
35.208.94.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pay2day.ca/
Submission: On September 27 via manual (September 27th 2022, 7:23:07 pm UTC) from CA — Scanned from CA

Summary HTTP 135 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 39 IPs in 2 countries across 35 domains to perform 135 HTTP transactions. The main IP is 35.208.94.27, located in Council Bluffs, United States and belongs to GOOGLE-2, US. The main domain is pay2day.ca.
TLS certificate: Issued by R3 on August 28th 2022. Valid for: 3 months.

This is the only time pay2day.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	35.208.94.27 35.208.94.27	19527 (GOOGLE-2) (GOOGLE-2)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
10	13.224.214.25 13.224.214.25	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:10:... 2606:4700:10::6816:146c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	107.178.240.224 107.178.240.224	15169 (GOOGLE) (GOOGLE)
2	138.128.247.123 138.128.247.123	36007 (KAMATERA) (KAMATERA)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
2	147.185.239.229 147.185.239.229	36007 (KAMATERA) (KAMATERA)
1	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3036::ac43:8404	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
6 10	34.236.34.170 34.236.34.170	14618 (AMAZON-AES) (AMAZON-AES)
3 4	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 3	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2 7	2600:9000:20e... 2600:9000:20ed:ee00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
13 15	3.225.142.71 3.225.142.71	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
135	39

34 35.208.94.27 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 27.94.208.35.bc.googleusercontent.com

pay2day.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.224.214.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-25.phl50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::6816:146c (United States)

ASN13335 (CLOUDFLARENET, US)

api.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.240.178.107.bc.googleusercontent.com

koi-3qndl96j4m.marketingautomation.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.128.247.123 (New York, United States)

ASN36007 (KAMATERA, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web1.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80c::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.185.239.229 (New York, United States)

ASN36007 (KAMATERA, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80d::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:8404 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

privymktg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.236.34.170 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-34-170.compute-1.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.76 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.45.33.138 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:20ed:ee00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.225.142.71 (Ashburn, United States) 13 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-142-71.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.161.208 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	pay2day.ca pay2day.ca	993 KB
22	adroll.com 15 redirects s.adroll.com — Cisco Umbrella Rank: 2439 d.adroll.com — Cisco Umbrella Rank: 1453	31 KB
12	google.com maps.google.com — Cisco Umbrella Rank: 1872 analytics.google.com — Cisco Umbrella Rank: 402 www.google.com — Cisco Umbrella Rank: 2	228 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	677 KB
10	prfct.co 6 redirects pixel-geo.prfct.co — Cisco Umbrella Rank: 16514	4 KB
10	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5654	60 KB
8	privy.com api.privy.com — Cisco Umbrella Rank: 16201 assets.privy.com — Cisco Umbrella Rank: 25730 events.privy.com — Cisco Umbrella Rank: 25394	137 KB
7	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	3 KB
5	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 432 ib.adnxs.com — Cisco Umbrella Rank: 228	5 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 8529	691 B
4	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 4346 cdn.acsbapp.com — Cisco Umbrella Rank: 4709 web1.acsbapp.com — Cisco Umbrella Rank: 43560	167 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 google-analytics.com — Cisco Umbrella Rank: 21	20 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 331	565 B
3	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 396	445 B
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	817 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 375	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	176 KB
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 734	716 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 301	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 407	742 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 335	1 KB
2	marketingautomation.services koi-3qndl96j4m.marketingautomation.services	5 KB
2	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 358 fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 884	18 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	204 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 4108	390 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1037	222 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 883	493 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 823	308 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 538	394 B
1	perfectaudience.com tag.perfectaudience.com — Cisco Umbrella Rank: 19841	4 KB
1	privymktg.com 1 redirects privymktg.com — Cisco Umbrella Rank: 25161	768 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
135	35

	Domain	Requested by
34	pay2day.ca	pay2day.ca
15	d.adroll.com	13 redirects s.adroll.com
10	pixel-geo.prfct.co	6 redirects pay2day.ca
10	widget.trustpilot.com	pay2day.ca widget.trustpilot.com
8	www.google.com	pay2day.ca www.gstatic.com www.google.com
7	s.adroll.com	2 redirects pay2day.ca s.adroll.com
6	assets.privy.com	pay2day.ca assets.privy.com
6	fonts.gstatic.com	pay2day.ca
5	www.gstatic.com	www.google.com
4	secure.adnxs.com	3 redirects pay2day.ca
4	www.google.ca	pay2day.ca
3	idsync.rlcdn.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	us-u.openx.net	1 redirects pay2day.ca
3	ups.analytics.yahoo.com	1 redirects pay2day.ca
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	pay2day.ca bat.bing.com
3	maps.google.com	pay2day.ca maps.google.com
3	www.googletagmanager.com	pay2day.ca www.googletagmanager.com
3	www.google-analytics.com	pay2day.ca www.google-analytics.com
2	pippio.com	2 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	connect.facebook.net	d.adroll.com connect.facebook.net
2	pixel.rubiconproject.com	pay2day.ca
2	cdn.acsbapp.com	acsbapp.com
2	koi-3qndl96j4m.marketingautomation.services	pay2day.ca koi-3qndl96j4m.marketingautomation.services
2	use.fontawesome.com	pay2day.ca
1	www.facebook.com
1	tags.rd.linksynergy.com	1 redirects
1	ib.adnxs.com
1	sync.taboola.com
1	image2.pubmatic.com
1	sync.outbrain.com
1	analytics.twitter.com	pay2day.ca
1	tag.perfectaudience.com	koi-3qndl96j4m.marketingautomation.services
1	web1.acsbapp.com	pay2day.ca
1	fonts.googleapis.com	assets.privy.com
1	google-analytics.com	pay2day.ca
1	privymktg.com	1 redirects
1	events.privy.com	assets.privy.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	acsbapp.com	pay2day.ca
1	api.privy.com	pay2day.ca
1	maps.googleapis.com	maps.google.com
135	48

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
services.pay2day.ca
www.pay2dayservices.ca
apps.apple.com
play.google.com
accessibe.com

Subject Issuer	Validity	Valid
pay2day.ca R3	`2022-08-28` - `2022-11-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.marketingautomation.services GlobalSign RSA OV SSL CA 2018	`2022-06-03` - `2023-07-05`	a year	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-23` - `2022-10-05`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.perfectaudience.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-05` - `2023-02-06`	a year	crt.sh
*.prfct.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-02` - `2022-11-02`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-11` - `2023-09-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-07` - `2022-10-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://pay2day.ca/
Frame ID: B438AE2198198B7A4778EAA1440D8D9B
Requests: 118 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a4be15cb894c90edc1dffb3
Frame ID: F050CA1B87C507209EA0B2C118189528
Requests: 5 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5a4be15cb894c90edc1dffb3
Frame ID: 321E2D8CFE49DC23D58291B4DBA3931A
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly9wYXkyZGF5LmNhOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=kn5lo923fvms
Frame ID: 6F5FFABBD21D0C814A280E44DC01B793
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
Frame ID: 20C33A10DB5601BD04D52CB17A3CAC01
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Instant payday loans Canada | 24/7 Online Cash Advance | PAY2DAY

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

135
Requests

82 %
HTTPS

42 %
IPv6

35
Domains

48
Subdomains

39
IPs

2
Countries

2661 kB
Transfer

8041 kB
Size

57
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Pay2day?ref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/pay2day_canada

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCoZkVp0-pnnA6LfjRhGrjPA

Search URL Search Domain Scan URL

URL: https://services.pay2day.ca/
Title: Login

Search URL Search Domain Scan URL

URL: https://services.pay2day.ca/#/newloanapplication/province
Title: Apply Online

Search URL Search Domain Scan URL

URL: https://www.pay2dayservices.ca/start/
Title: Make a Payment

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/pay2day/id1309773344?jobid=1e5f0757-03b1-4feb-a658-19bff2b297a1&sseid=M7QwNTQxNQMSAA&sslid=MzMxNTS3NLI0MjM3AQA

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ca.pay2day.app&hl=en_CA&utm_medium=email&utm_source=sharpspring&sslid=MzMxNTS3NLI0MjM3AQA&sseid=M7QwNTQxNQMSAA&jobid=1e5f0757-03b1-4feb-a658-19bff2b297a1

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility By Learn More

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://privymktg.com/collect?v=1&cid=7bd69b28-72f6-41ea-a42a-0e49e27f83a1&cd1=7F25A40F7EA8FB08F2F4077E&tid=UA-20331028-1&t=pageview&ci=7F25A40F7EA8FB08F2F4077E&cm=web&cn=7F25A40F7EA8FB08F2F4077E&ec=widget&dl=https%3A%2F%2Fpay2day.ca%2F&dt=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&ul=en-US&z=5745292219052949 HTTP 302
https://google-analytics.com/collect?v=1&cid=7bd69b28-72f6-41ea-a42a-0e49e27f83a1&cd1=7F25A40F7EA8FB08F2F4077E&tid=UA-20331028-1&t=pageview&ci=7F25A40F7EA8FB08F2F4077E&cm=web&cn=7F25A40F7EA8FB08F2F4077E&ec=widget&dl=https%3A%2F%2Fpay2day.ca%2F&dt=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&ul=en-US&z=5745292219052949

Request Chain 91

https://pixel-geo.prfct.co/tagjs?a_id=103059&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=103059&source=js_tag

Request Chain 94

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202209|63334d9615e78558d957d38b&pid=pa_QvNTMoQMdOBA2wv7p HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202209%7C63334d9615e78558d957d38b%26pid%3Dpa_QvNTMoQMdOBA2wv7p HTTP 302
https://pixel-geo.prfct.co/usermap/?xid=4275696913961491613&sid=202209|63334d9615e78558d957d38b&pid=pa_QvNTMoQMdOBA2wv7p

Request Chain 95

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_QvNTMoQMdOBA2wv7p

Request Chain 96

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_QvNTMoQMdOBA2wv7p&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_QvNTMoQMdOBA2wv7p&_origin=1&verify=true

Request Chain 97

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_QvNTMoQMdOBA2wv7p HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_QvNTMoQMdOBA2wv7p

Request Chain 98

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_QvNTMoQMdOBA2wv7p

Request Chain 99

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUXZOVE1vUU1kT0JBMnd2N3A HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 101

https://secure.adnxs.com/seg?t=2&add=20510280 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D20510280

Request Chain 111

https://s.adroll.com/j/exp/KHB2EGINOZBOJH3MZOZQPJ/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 112

https://s.adroll.com/j/pre/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 116

https://d.adroll.com/pixel/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&pv=42992475141.83786&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/HKCVHB2XGRGWJFUZWUYQC6.js

Request Chain 118

https://d.adroll.com/cm/index/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expiration=1695842584 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expiration=1695842584&C=1

Request Chain 119

https://d.adroll.com/cm/n/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expires=365

Request Chain 120

https://d.adroll.com/cm/outbrain/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

Request Chain 121

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 122

https://d.adroll.com/cm/taboola/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

Request Chain 123

https://d.adroll.com/cm/triplelift/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 124

https://d.adroll.com/cm/r/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 125

https://d.adroll.com/cm/b/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

Request Chain 126

https://d.adroll.com/cm/x/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

Request Chain 127

https://d.adroll.com/cm/l/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=5f6c49448eedf4dff6901c1a037ce0b3 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjMQABoNCJibzZkGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=201d3047e0aa5c7cce83a49e32290d457684c646cd8a43c8bfc01cf4c29b5919791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyMDFkMzA0N2UwYWE1YzdjY2U4M2E0OWUzMjI5MGQ0NTc2ODRjNjQ2Y2Q4YTQzYzhiZmMwMWNmNGMyOWI1OTE5NzkxNDI2YjU0MTdkY2UyMRAAGgwImJvNmQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyMDFkMzA0N2UwYWE1YzdjY2U4M2E0OWUzMjI5MGQ0NTc2ODRjNjQ2Y2Q4YTQzYzhiZmMwMWNmNGMyOWI1OTE5NzkxNDI2YjU0MTdkY2UyMRAAGgwImJvNmQYSBAgCEABCAEoA&google_gid=CAESEEPwRYwjdglJgpO7SOnWRLI&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=2a42bf22-c2dd-4e62-87df-0a49fa164b50

Request Chain 128

https://d.adroll.com/cm/o/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=5f6c49448eedf4dff6901c1a037ce0b3&gdpr=0&gdpr_consent=

Request Chain 129

https://d.adroll.com/cm/g/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=X2xJRI7t9N_2kBwaA3zgsw HTTP 302
https://d.adroll.com/cm/g/in

135 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pay2day.ca/ 172 KB
33 KB 228ms
75ms Document
text/html 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 94041c0a34cfbe8a9703febbdb4f00b4fa67577bce037bed625636ba9bdd636d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 19:23:00 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://pay2day.ca/wp-json/>; rel="https://api.w.org/" <https://pay2day.ca/wp-json/wp/v2/pages/15061>; rel="alternate"; type="application/json" <https://pay2day.ca/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-httpd-modphp: 1
x-pingback: https://pay2day.ca/xmlrpc.php
x-proxy-cache: HIT

GET
H2 200 siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
pay2day.ca/wp-content/uploads/siteground-optimizer-assets/ 877 KB
120 KB 74ms
73ms Stylesheet
text/css 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5e72a0c766998679a1b44fc9d4211166e4b7287f3e7ae5d94b01a24b3866a445

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:00 GMT
content-encoding: br
last-modified: Thu, 15 Sep 2022 13:28:10 GMT
server: nginx
etag: W/"6323286a-db349"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Wed, 27 Sep 2023 19:23:00 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
13 KB 87ms
45ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.1
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1891192
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DYBV3651RKD2Z6JZ
x-amz-id-2: i3z7N5Yg3VDazA27VbeWNCEzH2XpJKN1TRARQ2AAvsobzd7lO6HttL1iOF/+DkpnMpnei0Vj0oU=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHgVfY4CkCEbuSIbICNGSKZn9oWVWlJ%2B13YULjIGlr3lCjZ70gjnqSbVbda038gkqIZoQW4LXm1Wg2%2FaHEhKbx%2BmQHRU%2F2D0gN0MKEIUDVTr0hkn4WqK93mcIl2S935x%2FRBRQxwI4dJwYrcN54xQdbGT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 75169c8358ddc42a-EWR

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 73ms
31ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.1
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1891192
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DYBVKKQWH9QWGE8V
x-amz-id-2: qw3qlgJGQ9HVjE3umq1qzufoGr7Xis2e49e0JRsMOFXSNrtA9uIbgWg/6weVfY5kVUy2MlVT520=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"a034d3c71bee546f625877d7932917f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnOP2UQ5PX4hphF5jvVJR7kanHfOnu00lzrG2pB0refFKsoFY0nccxPUBzQzrNFFKtaMViAXGXpFvalEOgdx8KbJHfo%2Bcc1CrSK5Qk9LWefkeG3kE8IXk5mtiXfxTAtUi8mLiiUJNEdMY0qWdXVlvkBR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 75169c8358e0c42a-EWR

GET
H2 200 jquery.min.js Show response
pay2day.ca/wp-includes/js/jquery/ 87 KB
30 KB 112ms
112ms Script
application/javascript 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/wp-includes/js/jquery/jquery.min.js
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:00 GMT
content-encoding: br
last-modified: Sun, 25 Jul 2021 01:41:37 GMT
server: nginx
etag: W/"60fcc151-15db1"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Wed, 27 Sep 2023 19:23:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 106ms
30ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 2883
date: Tue, 27 Sep 2022 18:34:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Tue, 27 Sep 2022 20:34:58 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 134ms
20ms Script
application/x-javascript 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 33812
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 27 Sep 2022 09:59:30 GMT
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 14:38:02 GMT
server: AmazonS3
etag: "5add60196e5f96a414fb4b9586764e5d"
content-type: application/x-javascript
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: PHL50-C1
accept-ranges: bytes
x-amz-cf-id: tC19BgO3KTMtdSnaXFAZiqb5YgcVjmbd5ZVA56c_Fwc-W5Dkr5mfbw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 143ms
68ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3SQJJ97E1M

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec747cae2c3701427039d78f0dd594e675ba289b850e86996264da0e88e5e743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77711
x-xss-protection: 0
expires: Tue, 27 Sep 2022 19:23:01 GMT

GET
H2 200 header-logo.jpg
pay2day.ca/wp-content/uploads/2019/12/ 3 KB
3 KB 54ms
47ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2019/12/header-logo.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ecb90ddc4a9e73c9640606c8780ec25f10633df3ec80cc4e6c2fcbb5601b4bd1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:40:17 GMT
server: nginx
etag: "61994f21-bfa"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 3066
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 header-client-login.png
pay2day.ca/wp-content/uploads/2019/03/ 2 KB
3 KB 58ms
52ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2019/03/header-client-login.png
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73380f83231f928e80258fb3efb9e5a3ae475b9d4f0f4884b52991c22adac5e8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:41:37 GMT
server: nginx
etag: "61994f71-928"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 2344
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 home-feature-mobile-2.jpg
pay2day.ca/wp-content/uploads/2020/04/ 31 KB
31 KB 63ms
57ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2020/04/home-feature-mobile-2.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e4c846f4f9d07f1b3828978175bf8c581be0495c6712948540d175341aa39e8c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:40:01 GMT
server: nginx
etag: "61994f11-7ce8"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 31976
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 callout-home-apply-icons-online.jpg
pay2day.ca/wp-content/uploads/2019/11/ 710 B
939 B 68ms
62ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2019/11/callout-home-apply-icons-online.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2b890f5cb5d0927538bb24f4b28bd703dee2ce7793fbecba723bf3d12d51e78e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:41:04 GMT
server: nginx
etag: "61994f50-2c6"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 710
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 callout-home-apply-icons-locations.jpg
pay2day.ca/wp-content/uploads/2019/11/ 590 B
819 B 72ms
67ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2019/11/callout-home-apply-icons-locations.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 638a8f3624fbfa75dbe8312df4a92c5d3710bd8ef4e82b2f74ce350e4b5657ec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:41:04 GMT
server: nginx
etag: "61994f50-24e"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 590
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 callout-home-apply-icons-phone.jpg
pay2day.ca/wp-content/uploads/2019/11/ 914 B
1 KB 100ms
94ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2019/11/callout-home-apply-icons-phone.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a2cb6aaa57918d6a70a7d187cd0212ef7ebc91d6f91b18fddb451edd5f5756a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:41:04 GMT
server: nginx
etag: "61994f50-392"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 914
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 home-feature-image-3free-New.jpg
pay2day.ca/wp-content/uploads/2021/11/ 47 KB
48 KB 100ms
95ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2021/11/home-feature-image-3free-New.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 302da93a523308ba422ef8506875eab7141701712c0455a1da6157760c330b25

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Thu, 25 Nov 2021 19:28:20 GMT
server: nginx
etag: "619fe3d4-bd30"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 48432
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 home-promotions-3free.jpg
pay2day.ca/wp-content/uploads/2022/08/ 15 KB
15 KB 105ms
100ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2022/08/home-promotions-3free.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8967eaba5a80fb1150d3a290e1f894d944ee58ed2b934bf3530d093a2a741985

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Wed, 03 Aug 2022 14:57:00 GMT
server: nginx
etag: "62ea8cbc-3c54"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 15444
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 home-promotions-referral.jpg
pay2day.ca/wp-content/uploads/2022/08/ 18 KB
18 KB 107ms
102ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2022/08/home-promotions-referral.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a53864785edb3b7e6f645c509b0adef6c6001af091d70f9abfc65bae96322bd2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Wed, 03 Aug 2022 15:00:48 GMT
server: nginx
etag: "62ea8da0-46d4"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 18132
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 home-promotions-1500.jpg
pay2day.ca/wp-content/uploads/2022/08/ 13 KB
13 KB 109ms
105ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2022/08/home-promotions-1500.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 42c9216570c3ac336bf96e53f8321cbcdbd588c294597bc75ec3224ba35c2657

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Wed, 03 Aug 2022 14:56:43 GMT
server: nginx
etag: "62ea8cab-34ac"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 13484
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 inset-careers.png
pay2day.ca/wp-content/uploads/2021/09/ 34 KB
34 KB 140ms
135ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2021/09/inset-careers.png
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 216bf39dd574cec0d7ab0830c4b30ad207d378b6957338ad96cea7621f0e3e8b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:38:46 GMT
server: nginx
etag: "61994ec6-88e8"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 35048
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 phone-loan-dentist.jpg
pay2day.ca/wp-content/uploads/2021/11/ 21 KB
22 KB 147ms
142ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2021/11/phone-loan-dentist.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5ade74a7bea1650d598d7d2786bb9d88f4c43e4f721e8be44cc5be8985558a56

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Thu, 25 Nov 2021 15:57:25 GMT
server: nginx
etag: "619fb265-5514"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 21780
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 section-fasttrack.png
pay2day.ca/wp-content/uploads/2016/03/ 6 KB
6 KB 148ms
144ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2016/03/section-fasttrack.png
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 466afbadbc738b42fa5cef128cedeab4e1fab2aaf5e438ec729557dee0f3d2f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:47:07 GMT
server: nginx
etag: "619950bb-18e0"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 6368
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 inset-about.jpg
pay2day.ca/wp-content/uploads/2016/01/ 26 KB
27 KB 149ms
145ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2016/01/inset-about.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: df930b85a1044e89ed216e014af0dcac8a9b58034244c516702856b0c1e25841

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:47:15 GMT
server: nginx
etag: "619950c3-69d8"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 27096
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 section-image-app.jpg
pay2day.ca/wp-content/uploads/2021/11/ 19 KB
19 KB 149ms
146ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2021/11/section-image-app.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f86a5f127aa01221204cc5375d67a2197223bb9debea575efb9da87a01056e53

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:38:45 GMT
server: nginx
etag: "61994ec5-4c32"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 19506
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 download-app-store.jpg
pay2day.ca/wp-content/uploads/2021/11/ 3 KB
3 KB 191ms
187ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2021/11/download-app-store.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 523493b30ff2aa6cf26323a6d9b49b20ede09cf8b395beeec76cd17f8e7c3069

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:38:45 GMT
server: nginx
etag: "61994ec5-a44"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 2628
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 download-google-play.jpg
pay2day.ca/wp-content/uploads/2021/11/ 3 KB
3 KB 191ms
188ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2021/11/download-google-play.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f0fda8f5bf32785d7d9bc1d8a21c43b02c6fdd332305b1053e54252496f496ac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:38:45 GMT
server: nginx
etag: "61994ec5-a22"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 2594
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 spin2win-logo.png
pay2day.ca/wp-content/uploads/2019/06/ 17 KB
17 KB 191ms
188ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2019/06/spin2win-logo.png
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d603f790cf7795a7c71f700f5a88b087d91b5aa23052fa7abb25e77eeb1b488

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:41:19 GMT
server: nginx
etag: "61994f5f-4358"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 17240
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 wp-polyfill.min.js Show response
pay2day.ca/wp-includes/js/dist/vendor/ 19 KB
7 KB 49ms
49ms Script
application/javascript 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
last-modified: Sat, 28 May 2022 05:21:43 GMT
server: nginx
etag: W/"6291b167-4ac6"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 hooks.min.js Show response
pay2day.ca/wp-includes/js/dist/ 5 KB
2 KB 52ms
52ms Script
application/javascript 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/wp-includes/js/dist/hooks.min.js
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
last-modified: Sat, 28 May 2022 05:21:43 GMT
server: nginx
etag: W/"6291b167-132e"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 i18n.min.js Show response
pay2day.ca/wp-includes/js/dist/ 10 KB
4 KB 50ms
43ms Script
application/javascript 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/wp-includes/js/dist/i18n.min.js
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
last-modified: Sat, 28 May 2022 05:21:43 GMT
server: nginx
etag: W/"6291b167-27ee"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 pum-site-scripts.js Show response
pay2day.ca/wp-content/uploads/pum/ 186 KB
32 KB 192ms
189ms Script
application/javascript 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/wp-content/uploads/pum/pum-site-scripts.js?defer
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9bc0cb0072663c95f2eeb40b8936582e7264d17d5757be6f24f4382973cde2af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
last-modified: Tue, 16 Aug 2022 16:45:22 GMT
server: nginx
etag: W/"62fbc9a2-2e82d"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 js Show response
maps.google.com/maps/api/ 161 KB
53 KB 144ms
69ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyB1NTR8jdmzuqXqIA_ywHsU2i6S0hGfSJk&language=en-ca

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

6834abd6ce693144f7777ea76a5fb9fc01c6eef027570e12e061f7723b9cfa45

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=39
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54017
x-xss-protection: 0
expires: Tue, 27 Sep 2022 19:53:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 155 KB
58 KB 110ms
40ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-960174483

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

701815bfd66d3e17763d8040d55213d82f45f5829251929a47be8eeb5879941c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59367
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Sep 2022 19:23:01 GMT

GET
H2 200 siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js Show response
pay2day.ca/wp-content/uploads/siteground-optimizer-assets/ 1 MB
386 KB 192ms
189ms Script
application/javascript 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 07f66f55f69d2e2f4c5504e36440114d42e05cce820efde07de5fa2184e957e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
last-modified: Thu, 22 Sep 2022 01:55:23 GMT
server: nginx
etag: W/"632bc08b-1633dd"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 icons.woff
pay2day.ca/wp-content/themes/betheme/fonts/mfn/ 80 KB
80 KB 183ms
182ms Font
font/woff 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pay2day.ca/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Request headers

Referer: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
Origin: https://pay2day.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Wed, 27 Oct 2021 02:14:25 GMT
server: nginx
etag: "6178b601-13e28"
x-proxy-cache-info: DT:1
content-type: font/woff
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 81448
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxP.ttf
fonts.gstatic.com/s/roboto/v30/ 54 KB
29 KB 126ms
65ms Font
font/ttf 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxP.ttf

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

139d66ae9a5a6b7f89d57c7653fd2b8cdb0c1b18b3bb17a56ec860a3e78e467e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay2day.ca/
Origin: https://pay2day.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30018
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:21:56 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xGIzc.ttf
fonts.gstatic.com/s/roboto/v30/ 55 KB
32 KB 84ms
28ms Font
font/ttf 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xGIzc.ttf

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c010c3c4c13bfc530a6c9ad6842c1d93463af4479a0b9fa6466b0eb6c515bfe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay2day.ca/
Origin: https://pay2day.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32060
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 09:24:49 GMT

GET
H2 200 home_transfer_content_links.png
pay2day.ca/wp-content/uploads/2015/06/ 222 B
451 B 171ms
168ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2015/06/home_transfer_content_links.png
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a8624663a2fa33d37d43256eb4c3f6223e6c285d83c2a09d6c0b1c4749580e3e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:47:28 GMT
server: nginx
etag: "619950d0-de"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 222
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 fancy_heading_hr.png
pay2day.ca/wp-content/themes/betheme/images/ 1 KB
1 KB 173ms
172ms Image
image/png 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/themes/betheme/images/fancy_heading_hr.png
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28cb4a0b3a910b1da57930ca1cd3261590c19559312358634f3ddef679ab0e09

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Wed, 27 Oct 2021 02:14:25 GMT
server: nginx
etag: "6178b601-47f"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 1151
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 4UaZrEtFpBI4f1ZSIK9d4LjJ4lM3OwpmPg.ttf
fonts.gstatic.com/s/exo/v20/ 41 KB
22 KB 68ms
68ms Font
font/ttf 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaZrEtFpBI4f1ZSIK9d4LjJ4lM3OwpmPg.ttf

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2104b36d6f0fd483dc7cda1c60bb5a8d7ee22d5d45af272fe6fa7ed038180204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay2day.ca/
Origin: https://pay2day.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 15:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22398
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:29:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 15:19:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc9.ttf
fonts.gstatic.com/s/roboto/v30/ 53 KB
29 KB 82ms
82ms Font
font/ttf 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc9.ttf

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6632fb6a66b8bfc3523d4ff39e6fbfe4a5fe3db3a1a80ac880b1fce221848cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay2day.ca/
Origin: https://pay2day.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30055
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:56:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc9.ttf
fonts.gstatic.com/s/roboto/v30/ 54 KB
29 KB 88ms
88ms Font
font/ttf 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc9.ttf

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

596b56fa7ba910664d7c517f4ce7b4da3e09e8e6e1024143a2cd50349365a7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay2day.ca/
Origin: https://pay2day.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:21:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30061
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:21:54 GMT

GET
H2 200 4UafrEtFpBISdmSt-MY2ehbO95t040BWN3Yo.ttf
fonts.gstatic.com/s/exo/v20/ 42 KB
23 KB 74ms
67ms Font
font/ttf 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UafrEtFpBISdmSt-MY2ehbO95t040BWN3Yo.ttf

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8151a4de599aeba7fe35dcceb9b3c56affc7ba3b6c2d1fc9415e385433f2f0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay2day.ca/
Origin: https://pay2day.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23713
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:24:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 20:47:18 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
446 B 105ms
44ms XHR
application/json 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyB1NTR8jdmzuqXqIA_ywHsU2i6S0hGfSJk&language=en-ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pay2day.ca
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 75ms
33ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=862801652&t=pageview&_s=1&dl=https%3A%2F%2Fpay2day.ca%2F&ul=en-us&de=UTF-8&dt=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2122655031&gjid=42503327&cid=474614274.1664306581&tid=UA-33283313-1&_gid=1433636381.1664306581&_r=1&_slc=1&z=1975935771

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay2day.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pay2day.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/7F25A40F7EA8FB08F2F4077E/ 14 KB
3 KB 113ms
66ms XHR
application/json 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/7F25A40F7EA8FB08F2F4077E/campaigns.json?s=j&l=https%3A%2F%2Fpay2day.ca%2F&user_uuid=7bd69b28-72f6-41ea-a42a-0e49e27f83a1&fence=1

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb9cfb4b2088cea4da18a4b4f989531674d8d2f24e66c441f6ab3e7780ba3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ipcountry: CA
date: Tue, 27 Sep 2022 19:23:01 GMT
x-ippostalcode
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
access-control-request-method: *
content-encoding: gzip
x-xss-protection: 0
x-request-id: f54aacb7-cd91-4bbd-a647-8bbf37909d81
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"deb9cfb4b2088cea4da18a4b4f989531"
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
via: 1.1 vegur
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: CA_
cf-ray: 75169c86de8e4bd1-YUL

GET
H2 200 ss.js Show response
koi-3qndl96j4m.marketingautomation.services/client/ 12 KB
5 KB 129ms
45ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://koi-3qndl96j4m.marketingautomation.services/client/ss.js?ver=2.4.0
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.240.178.107.bc.googleusercontent.com
Software: openresty /
Resource Hash: 926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 15:53:36 GMT
server: openresty
etag: W/"632b3380-2fc8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=604800, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 04 Oct 2022 19:23:01 GMT

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 428 KB
139 KB 114ms
27ms Script
application/x-javascript 138.128.247.123
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: 1560e0e0ca4caefe42f84c4c0ccbc328e5b6b0a6518a0b9f9430b2b2fba826a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: br
last-modified: Tue, 27 Sep 2022 00:25:51 GMT
etag: "6afd0-6332430f-af3ebb833015feec;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 142513
expires: Wed, 28 Sep 2022 19:23:01 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 88ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 57BE5D44CA094B1795E7F2CCFAA6E537 Ref B: YTO01EDGE0815 Ref C: 2022-09-27T19:23:01Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 27 Sep 2022 19:23:01 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame F050 5 KB
2 KB 23ms
22ms Document
text/html 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a4be15cb894c90edc1dffb3

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

476bd2c2b294afadf8e0b13ba5e38c467c2f6fd89b21e87165deab021018f314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pay2day.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 25103
cache-control: max-age=86400
content-encoding: gzip
content-length: 1751
content-type: text/html
date: Tue, 27 Sep 2022 12:24:39 GMT
etag: "a8a941f7dc068156715b31e54962cad0"
last-modified: Tue, 14 Jun 2022 14:06:43 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-amz-cf-id: 8eby8FOlTTdTeMXgUrTGovVHYnj8kkNw_I3PA0liPMmbD5fMRTNLIw==
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 321E 14 KB
4 KB 27ms
27ms Document
text/html 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5a4be15cb894c90edc1dffb3

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pay2day.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 25103
cache-control: max-age=86400
content-encoding: gzip
content-length: 3267
content-type: text/html
date: Tue, 27 Sep 2022 12:24:39 GMT
etag: "2922a85ce6caf46f828c097bf7aa1036"
last-modified: Tue, 20 Sep 2022 08:01:13 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-amz-cf-id: M25sQn9x-vi1pbef0njRgqMHD-EliDjPYFYw0ytF3--6iuWT283x1Q==
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 schema Show response
pay2day.ca/wp-json/contact-form-7/v1/contact-forms/14869/feedback/ 322 B
575 B 977ms
977ms Fetch
application/json 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL

https://pay2day.ca/wp-json/contact-form-7/v1/contact-forms/14869/feedback/schema

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),

Reverse DNS

27.94.208.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

10845f7568b352834dd5ae371b2a791b919c434c8b21d8bff8027e733b00ae6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://pay2day.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
link: <https://pay2day.ca/wp-json/>; rel="https://api.w.org/"
allow: GET
x-proxy-cache-info: 0 NC:000100 UP:
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-proxy-cache: BYPASS
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 2014ms
1973ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33283313-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SQJJ97E1M

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df24d3b938c33d2fd24254a3c84867901c7b997bcd79f356558082eb9cda9222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42332
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Sep 2022 19:23:03 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
343 B 98ms
33ms Ping
text/plain 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3SQJJ97E1M&gtm=2oe9q0&_p=862801652&_gaz=1&cid=474614274.1664306581&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664306581&sct=1&seg=0&dl=https%3A%2F%2Fpay2day.ca%2F&dt=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SQJJ97E1M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:808::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pay2day.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
334 B 88ms
33ms Ping
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3SQJJ97E1M&cid=474614274.1664306581&gtm=2oe9q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SQJJ97E1M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pay2day.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 91ms
38ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3SQJJ97E1M&cid=474614274.1664306581&gtm=2oe9q0&aip=1&z=1139367184

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 109ms
59ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-960174483

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:23:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 33ms
32ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-33283313-1&cid=474614274.1664306581&jid=2122655031&gjid=42503327&_gid=1433636381.1664306581&_u=IEBAAEAAAAAAAC~&z=1997958421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay2day.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Sep 2022 19:23:01 GMT
content-type: text/plain
access-control-allow-origin: https://pay2day.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 header-background.png
pay2day.ca/wp-content/uploads/2015/11/ 246 B
475 B 48ms
46ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2015/11/header-background.png
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: db4c648e3080923d7d7714ed2784c1d7607700770c39e2abf2791b02f7fdb924

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:47:26 GMT
server: nginx
etag: "619950ce-f6"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 246
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 header-apply-online.png
pay2day.ca/wp-content/uploads/2018/04/ 4 KB
4 KB 52ms
51ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2018/04/header-apply-online.png
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 156ac9492c55e5bc2846ed934e63b022f623421935091d036d890ce8567327f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Sat, 20 Nov 2021 19:41:05 GMT
server: nginx
etag: "61994f51-fb2"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 4018
expires: Wed, 27 Sep 2023 19:23:01 GMT

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame F050 49 KB
16 KB 24ms
23ms Script
application/x-javascript 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a4be15cb894c90edc1dffb3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

89a9157d3c6cb92794c5c7489a209e3ca2551beeb7de2e7a0e09c0a049a059bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a4be15cb894c90edc1dffb3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 21010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 27 Sep 2022 13:32:52 GMT
content-length: 15538
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jun 2022 14:06:48 GMT
server: AmazonS3
etag: "3c2cef4a08f0fe336be6859edd2acbec"
content-type: application/x-javascript
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: PHL50-C1
accept-ranges: bytes
x-amz-cf-id: Faj_s6LG2Jc8X3bbjxGc0n4IOV7ebr65rPx1qZW5iZ3DiPktwdrKLA==

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 321E 102 KB
28 KB 24ms
24ms Script
application/x-javascript 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5a4be15cb894c90edc1dffb3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

508b41fe32849ab2f6fbd59ef023d2ae1cb0bead935fd7164e94c7d92c1fee92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5a4be15cb894c90edc1dffb3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 26381
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 27 Sep 2022 12:03:21 GMT
content-length: 27969
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Sep 2022 08:01:15 GMT
server: AmazonS3
etag: "5d220cf839e981e50c65214dcd96e0fc"
content-type: application/x-javascript
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: PHL50-C1
accept-ranges: bytes
x-amz-cf-id: 7S4GFNauVtY130sshLetZVBWw_AVNbVKgvttjeN1Y0vt1CCSpGI3Rw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
763 B 101ms
38ms Script
text/javascript 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27e545e0bb0fd6d4b69386603f386a3b907f2654633f1fe5e80631e8eb98ddd5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 27 Sep 2022 19:23:01 GMT

GET
H2 200 755-086626e486c3e2950d93.js Show response
assets.privy.com/packs/js/ 88 KB
31 KB 79ms
20ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/755-086626e486c3e2950d93.js

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4f33558ec884158b2b139ca81a5172e64ffb9e3b70cf708ceb33043c57a844d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 vegur, 1.1 89140e3fd0010a6b191ff3479e9d7e6c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 284
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 31072
last-modified: Tue, 27 Sep 2022 18:53:12 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: YUL62-C1
accept-ranges: bytes
cf-ray: 75169c889a48ca4f-YUL
x-amz-cf-id: VSxwiqIZ0sC4hCxOG4yehI3u4brF0IAtGTFo3OgEPSYPAgGVhsD9RA==

GET
H2 200 908-000e1ac551df9d63c8a5.js Show response
assets.privy.com/packs/js/ 38 KB
12 KB 79ms
21ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 vegur, 1.1 637dba6131a9a1e300cf019b0a0edd44.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 6593
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 12368
last-modified: Tue, 27 Sep 2022 12:55:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: YUL62-C1
accept-ranges: bytes
cf-ray: 75169c889a4cca4f-YUL
x-amz-cf-id: e8krqyJ9lqAtfnqmiiP0WtHHJJu9m1GV6e5eh859cKTztHeQExFClg==

GET
H2 200 864-f9538eba7e93bec99a2f.js Show response
assets.privy.com/packs/js/ 19 KB
6 KB 81ms
23ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/864-f9538eba7e93bec99a2f.js

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db490d0e782d70ca57c6859b52a0d1cc2e0e2b6f3b5f471c3f96d05120c0bbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 vegur, 1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 6271
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 6183
last-modified: Tue, 27 Sep 2022 12:55:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: IAD89-C3
accept-ranges: bytes
cf-ray: 75169c889a50ca4f-YUL
x-amz-cf-id: kQ2RMWs3EIDKG2K7fV3TsnuS0nB2-KAIQ94Vk0BO8sgEpJZeEenFdw==

GET
H2 200 538-3a1baaacbf3d53d03d5f.js Show response
assets.privy.com/packs/js/ 108 KB
31 KB 92ms
35ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/538-3a1baaacbf3d53d03d5f.js

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f479b4f7603b89061cc4c957c08fc586cbe1f191d9397954b38b7c4799cbbb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 vegur, 1.1 0af7b45c1245bf01064b3a3ce0d489f6.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 284
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 31794
last-modified: Tue, 27 Sep 2022 17:15:33 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: YUL62-C1
accept-ranges: bytes
cf-ray: 75169c889a51ca4f-YUL
x-amz-cf-id: 2yQR2zgO2SvNr_kQ6hJJ_nm3X29r5Fi1YQ4qF8yw_PTinpe66zi1Zw==

GET
H2 200 legacy_widget-c871638a0cbaf87e4c0f.chunk.js Show response
assets.privy.com/packs/js/ 114 KB
29 KB 85ms
29ms Script
application/javascript 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/packs/js/legacy_widget-c871638a0cbaf87e4c0f.chunk.js

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

810bfe95187a036878c650ce40340c279d23eb35b47f6aef151451037f3a891f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 vegur, 1.1 1a0361f1d6eeb33d623d41bfabfa3e8e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 380
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 29021
last-modified: Tue, 27 Sep 2022 18:53:12 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: YUL62-C1
accept-ranges: bytes
cf-ray: 75169c889a52ca4f-YUL
x-amz-cf-id: LCXDD3yAw6daKL-zd443BIUPKgFWyBeTG8ngBbYh4xe8UT1H6WjTpw==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 86ms
36ms Image
image/gif 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-33283313-1&cid=474614274.1664306581&jid=2122655031&_u=IEBAAEAAAAAAAC~&z=1168284512

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 87ms
40ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-33283313-1&cid=474614274.1664306581&jid=2122655031&_u=IEBAAEAAAAAAAC~&z=1168284512

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25042871.js Show response
bat.bing.com/p/action/ 0
119 B 71ms
70ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25042871.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47F1E7E344BF472E91CD1870BA1DE451 Ref B: YTO01EDGE0815 Ref C: 2022-09-27T19:23:01Z
date: Tue, 27 Sep 2022 19:23:01 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25042871&Ver=2&mid=d5732fba-029e-4a66-be9f-9d1cd11b11d0&sid=cd906b803e9911ed9e17555e72829159&vid=cd909c403e9911ed9cc94dfd9cbf3879&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&p=https%3A%2F%2Fpay2day.ca%2F&r=&lt=837&evt=pageLoad&sv=1&rn=743010

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B613D0299964688AB57EC3AEDA81632 Ref B: YTO01EDGE0815 Ref C: 2022-09-27T19:23:01Z
date: Tue, 27 Sep 2022 19:23:01 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/pay2day.ca/ 159 B
346 B 116ms
27ms Fetch
application/json 147.185.239.229
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/pay2day.ca/config.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.185.239.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: e578c3357982c69247cbd5d1680a0fb8d34df39b25c4bcd83d4177b0b9bd5b76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
last-modified: Tue, 27 Sep 2022 19:21:17 GMT
etag: "9f-63334d2d-9075bd24b95c280a;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 159
expires: Wed, 28 Sep 2022 19:23:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960174483/ 2 KB
2 KB 134ms
87ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960174483/?random=1664306581858&cv=9&fst=1664306581858&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpay2day.ca%2F&tiba=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&auid=57125499.1664306582&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35e866fcab13656eadebd6f2831b5ce7a087557e4d7d73aa610ef8e6b91f04c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 53aa8807dec7e10d38f59f32 Show response
widget.trustpilot.com/trustbox-data/ Frame F050 859 B
845 B 35ms
29ms XHR
application/json 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=5a4be15cb894c90edc1dffb3&locale=en-CA

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

Resource Hash

28fc2b5d89f3dceaa8f2f3482578ed5979d77a47f1edd03cac5c025dbe494985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a4be15cb894c90edc1dffb3
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 771
x-cache: Hit from cloudfront
date: Tue, 27 Sep 2022 19:10:10 GMT
content-length: 389
x-xss-protection: 1; mode=block
x-skip-cache-cookie: 0
etag: "e248f754a00a3ea39e1ccdc76b6a767c"
vary: Accept-Encoding
x-fallback-status: BYPASS
content-type: application/json; charset=utf-8
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
cache-control: public,max-age=1800
x-amz-cf-pop: PHL50-C1
x-amz-cf-id: z79JvvoET4Now6wFCKGl51idajLdKh-3CAhH__gWLczViv9nKsiwjg==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame F050 0
322 B 104ms
99ms XHR
text/plain 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-CA&styleHeight=140px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fpay2day.ca%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5a4be15cb894c90edc1dffb3&widgetId=53aa8807dec7e10d38f59f32

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a4be15cb894c90edc1dffb3
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Kestrel
x-amz-cf-pop: PHL50-C1
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: X_w-zlBckhsXBn-aOoVCeF9Uowa3Jex75xLhKh_u2ULvJ_SXXLf4Sg==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxView Show response
widget.trustpilot.com/stats/ Frame F050 0
322 B 104ms
100ms XHR
text/plain 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxView?locale=en-CA&styleHeight=140px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fpay2day.ca%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5a4be15cb894c90edc1dffb3&widgetId=53aa8807dec7e10d38f59f32

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5a4be15cb894c90edc1dffb3
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Kestrel
x-amz-cf-pop: PHL50-C1
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: 5Ro2np3IIfz05SsCYTNsFOpBZsiMk-psJriZE-kkBd_AKpBVYBz75w==
x-xss-protection: 1; mode=block

GET
H2 200 53aa8912dec7e10d38f59f36 Show response
widget.trustpilot.com/trustbox-data/ Frame 321E 8 KB
3 KB 32ms
30ms XHR
application/json 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5a4be15cb894c90edc1dffb3&locale=en-CA&reviewStars=5&includeReviews=true&reviewsPerPage=15

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

Resource Hash

b9b66e3c99e02a27c8e4d880559175c358362265d9806dc91dbd187659caf107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5a4be15cb894c90edc1dffb3
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 771
x-cache: Hit from cloudfront
date: Tue, 27 Sep 2022 19:10:10 GMT
content-length: 2339
x-xss-protection: 1; mode=block
x-skip-cache-cookie: 0
etag: "28727b22768259b88a7c2d934ee0d8a6"
vary: Accept-Encoding
x-fallback-status: BYPASS
content-type: application/json; charset=utf-8
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
cache-control: public,max-age=1800
x-amz-cf-pop: PHL50-C1
x-amz-cf-id: W5Lm_qlnWJfun-EUaqaHNOOV-RyVYr9qGUB-1K2PKSU5Kg5sZ4ePzQ==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 321E 0
322 B 105ms
104ms XHR
text/plain 13.224.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-CA&styleHeight=150px&styleWidth=100%25&theme=light&stars=5&schemaType=Organization&url=https%3A%2F%2Fpay2day.ca%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5a4be15cb894c90edc1dffb3&widgetId=53aa8912dec7e10d38f59f36

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-25.phl50.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5a4be15cb894c90edc1dffb3
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Kestrel
x-amz-cf-pop: PHL50-C1
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: 7CECl9zCN_u2N91HyUu8SI-GxDht4Wlk6AieWU5kDs85VYgMpXF5Yw==
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 389 KB
155 KB 70ms
20ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pay2day.ca/
Origin: https://pay2day.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158248
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 19:19:50 GMT

POST
H2 200 collect Show response
events.privy.com/v2/ 0
149 B 79ms
67ms XHR
text/html 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.privy.com/v2/collect

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/755-086626e486c3e2950d93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://pay2day.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 27 Sep 2022 19:23:02 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
x-request-id: 1a92c08b-3f6d-4e69-8d6c-f167db186aa6
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 75169c893b754bd1-YUL

GET
H2 200 widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css
assets.privy.com/assets/ 245 KB
25 KB 27ms
26ms Stylesheet
text/css 2606:4700:10::6816:146c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.privy.com/assets/widget-f7bedc88f5d7f36c2240bbbfdd34b1550a86336a959c1e8553e5604b955bb2da.css

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/legacy_widget-c871638a0cbaf87e4c0f.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:01 GMT
via: 1.1 vegur, 1.1 e7ff4a714a3b1f464db9c76ee954a564.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
cf-cache-status: HIT
age: 284
x-cache: Hit from cloudfront
content-encoding: gzip
content-length: 25091
last-modified: Mon, 16 May 2022 16:06:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: DEN50-C2
accept-ranges: bytes
cf-ray: 75169c892af5ca4f-YUL
x-amz-cf-id: Mo--a9MP1XGpA8t3DnFOZ32fcCMUTQlXUfK8TEVDAt5kMpBO8Z_w5Q==

GET
H2

200

collect
google-analytics.com/
Redirect Chain

https://privymktg.com/collect?v=1&cid=7bd69b28-72f6-41ea-a42a-0e49e27f83a1&cd1=7F25A40F7EA8FB08F2F4077E&tid=UA-20331028-1&t=pageview&ci=7F25A40F7EA8FB08F2F4077E&cm=web&cn=7F25A40F7EA8FB08F2F4077E&e...
https://google-analytics.com/collect?v=1&cid=7bd69b28-72f6-41ea-a42a-0e49e27f83a1&cd1=7F25A40F7EA8FB08F2F4077E&tid=UA-20331028-1&t=pageview&ci=7F25A40F7EA8FB08F2F4077E&cm=web&cn=7F25A40F7EA8FB08F2F...

35 B
392 B

89ms
20ms

Image
image/gif

2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://google-analytics.com/collect?v=1&cid=7bd69b28-72f6-41ea-a42a-0e49e27f83a1&cd1=7F25A40F7EA8FB08F2F4077E&tid=UA-20331028-1&t=pageview&ci=7F25A40F7EA8FB08F2F4077E&cm=web&cn=7F25A40F7EA8FB08F2F4077E&ec=widget&dl=https%3A%2F%2Fpay2day.ca%2F&dt=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&ul=en-US&z=5745292219052949

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Server

2607:f8b0:4006:80e::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 17:34:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6505
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 27 Sep 2022 19:23:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ns4%2B06RRCY%2BY6MkmgyK3S%2FbamLSU2XTr2Q1ykEMCztCkDazzM8NuL%2BDlyd75xyVECjdLJtpyPLXy1ihEKShY0yQuLRyBnJ26S5Kke6nB1XB9dboPoSk%2Bwttxs5Hv19zpnRu1Uty5tGbsvIWD"}],"group":"cf-nel","max_age":604800}
location: https://google-analytics.com/collect?v=1&cid=7bd69b28-72f6-41ea-a42a-0e49e27f83a1&cd1=7F25A40F7EA8FB08F2F4077E&tid=UA-20331028-1&t=pageview&ci=7F25A40F7EA8FB08F2F4077E&cm=web&cn=7F25A40F7EA8FB08F2F4077E&ec=widget&dl=https%3A%2F%2Fpay2day.ca%2F&dt=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&ul=en-US&z=5745292219052949
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75169c898a117154-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 koi Show response
koi-3qndl96j4m.marketingautomation.services/ 148 B
177 B 133ms
119ms Script
application/javascript 107.178.240.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://koi-3qndl96j4m.marketingautomation.services/koi?rf=&hn=pay2day.ca&lg=en-US&sr=1600x1200&cd=24&vr=2.4.0&se=1664306581798&ac=KOI-3ZPY56NIO8&ts=1664306582&pt=0&pl=0&loc=https%3A%2F%2Fpay2day.ca%2F&tp=page&ti=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY

Requested by

Host: koi-3qndl96j4m.marketingautomation.services
URL: https://koi-3qndl96j4m.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

224.240.178.107.bc.googleusercontent.com

Software

openresty /

Resource Hash

4baa439c116f7b568f95147360c99dce67103595ed96c8f3f6359f6f76e4defd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:02 GMT
content-encoding: gzip
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 27 Sep 2022 19:23:02 GMT
server: openresty
vary: Accept-Encoding
p3p: CP='This is not a P3P policy! See https://sharpspring.com/legal/privacy/ for more info.'
via: 1.1 google
cache-control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
pod-hostname: koi-88d69ff87-dkx7t
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 107ms
38ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,700%7COpen+Sans:400,700

Requested by

Host: assets.privy.com
URL: https://assets.privy.com/packs/js/908-000e1ac551df9d63c8a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0640c2bafbea6e239ac2d24cc5c911d9b2b169ae9978a865cae44c8b3916d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 19:23:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Sep 2022 19:23:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Sep 2022 19:23:02 GMT

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 237 KB
25 KB 68ms
60ms Fetch
application/json 147.185.239.229
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.185.239.229 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: 33838de8926e3b58395b1bc92f558e6ea5fd2c6700ed2785959dd14fe709e231

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:02 GMT
content-encoding: br
last-modified: Tue, 27 Sep 2022 00:27:04 GMT
etag: "3b5bb-63324358-394b068e749e6a67;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 25825
expires: Wed, 28 Sep 2022 19:23:02 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/960174483/ 42 B
64 B 92ms
38ms Image
image/gif 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960174483/?random=1664306581858&cv=9&fst=1664305200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpay2day.ca%2F&tiba=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&async=1&fmt=3&is_vtc=1&random=4215116669&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/960174483/ 42 B
64 B 53ms
47ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/960174483/?random=1664306581858&cv=9&fst=1664305200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpay2day.ca%2F&tiba=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&async=1&fmt=3&is_vtc=1&random=4215116669&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6F5F 43 KB
22 KB 80ms
52ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly9wYXkyZGF5LmNhOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=kn5lo923fvms

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

287be2b4655497bb6e136e3aa7b7416137f01acdf217e188564f0981a9dea12c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--6Wix-jRsispmwxuwzLrcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pay2day.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22791
content-security-policy: script-src 'report-sample' 'nonce--6Wix-jRsispmwxuwzLrcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 19:23:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 logomono.svg
web1.acsbapp.com/apps/app/dist/media/ 4 KB
1 KB 50ms
38ms Image
image/svg+xml 138.128.247.123
KAMATERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web1.acsbapp.com/apps/app/dist/media/logomono.svg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.128.247.123 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software: /
Resource Hash: eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:02 GMT
content-encoding: br
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1210
expires: Wed, 27 Sep 2023 19:23:02 GMT

GET
H2 200 5e307e4876b218d42c000874.js Show response
tag.perfectaudience.com/serve/ 12 KB
4 KB 94ms
47ms Script
text/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/5e307e4876b218d42c000874.js

Requested by

Host: koi-3qndl96j4m.marketingautomation.services
URL: https://koi-3qndl96j4m.marketingautomation.services/client/ss.js?ver=2.4.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

7d650cefeab548e68e23bf0f74accf118cef1621b66c8411eb2113ced097d60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:02 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
server: Cowboy
age: 0
x-served-by: cache-yul12827-YUL
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=1800
accept-ranges: bytes
x-timer: S1664306582.275177,VS0,VE34
content-length: 3899
x-cache-hits: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 6F5F 52 KB
24 KB 70ms
29ms Stylesheet
text/css 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly9wYXkyZGF5LmNhOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=kn5lo923fvms

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 19:20:58 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 6F5F 389 KB
155 KB 76ms
36ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158248
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 19:19:50 GMT

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=103059&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=103059&source=js_tag

125 B
454 B

28ms
25ms

Script
text/javascript

34.236.34.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=103059&source=js_tag
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: HTTP/1.1
Server: 34.236.34.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-34-170.compute-1.amazonaws.com
Software: /
Resource Hash: 93d6483e1e5f9a8f566138165402377719ee0e58b045e74d9b24d1270efa6af9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=103059&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6F5F 102 B
133 B 62ms
56ms Other
text/javascript 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87f9dd28eeec028a050aa297c049f267f5c853a542a2cc1dccbd010b50f6e855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ&co=aHR0cHM6Ly9wYXkyZGF5LmNhOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=kn5lo923fvms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 27 Sep 2022 19:23:02 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 20C3 7 KB
1 KB 42ms
41ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bc4b410a4de56bb3aa4c7e279e694838c5a4f17bed567d0cec60aa8d9b2ae31c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B-2LD3gJQokj70gy3xnaFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pay2day.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-B-2LD3gJQokj70gy3xnaFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 19:23:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
pixel-geo.prfct.co/usermap/
Redirect Chain

https://secure.adnxs.com/getuid?https://pixel-geo.prfct.co/usermap/?xid=$UID&sid=202209|63334d9615e78558d957d38b&pid=pa_QvNTMoQMdOBA2wv7p
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel-geo.prfct.co%2Fusermap%2F%3Fxid%3D%24UID%26sid%3D202209%7C63334d9615e78558d957d38b%26pid%3Dpa_QvNTMoQMdOBA2wv7p
https://pixel-geo.prfct.co/usermap/?xid=4275696913961491613&sid=202209|63334d9615e78558d957d38b&pid=pa_QvNTMoQMdOBA2wv7p

43 B
256 B

25ms
24ms

Image
image/gif

34.236.34.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/usermap/?xid=4275696913961491613&sid=202209|63334d9615e78558d957d38b&pid=pa_QvNTMoQMdOBA2wv7p
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: HTTP/1.1
Server: 34.236.34.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-34-170.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 19:23:02 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: dc4c705f-2dd0-48e8-9313-b381968bfab8
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel-geo.prfct.co/usermap/?xid=4275696913961491613&sid=202209|63334d9615e78558d957d38b&pid=pa_QvNTMoQMdOBA2wv7p
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_QvNTMoQMdOBA2wv7p

43 B
394 B

146ms
45ms

Image
image/gif

104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_QvNTMoQMdOBA2wv7p

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 6
date: Tue, 27 Sep 2022 19:23:02 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
x-transaction-id: a3e6ddaf854c1af8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5f1adf134c443a3e550a21c86e82d48bdaf187de76db16354ab85288f10eb2fa
content-length: 43

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_QvNTMoQMdOBA2wv7p
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_QvNTMoQMdOBA2wv7p&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_QvNTMoQMdOBA2wv7p&_origin=1&verify=true

0
121 B

28ms
28ms

Image
text/plain

52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_QvNTMoQMdOBA2wv7p&_origin=1&verify=true

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:02 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_QvNTMoQMdOBA2wv7p&_origin=1&verify=true
date: Tue, 27 Sep 2022 19:23:02 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_QvNTMoQMdOBA2wv7p
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_QvNTMoQMdOBA2wv7p

43 B
61 B

59ms
45ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_QvNTMoQMdOBA2wv7p
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_QvNTMoQMdOBA2wv7p
date: Tue, 27 Sep 2022 19:23:02 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_QvNTMoQMdOBA2wv7p

42 B
766 B

117ms
26ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_QvNTMoQMdOBA2wv7p
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78008fe701b681dce86a72fc23cacc40
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_QvNTMoQMdOBA2wv7p
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfUXZOVE1vUU1kT0JBMnd2N3A
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

31ms
30ms

Image
image/gif

34.236.34.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: HTTP/1.1
Server: 34.236.34.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-34-170.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 95ms
44ms Image
image/gif 34.236.34.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=20510280&source=js_tag&a_id=103059
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.34.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-34-170.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=20510280
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D20510280

43 B
1 KB

19ms
19ms

Image
image/gif

68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D20510280

Requested by

Host: pay2day.ca
URL: https://pay2day.ca/

Protocol

HTTP/1.1

Server

68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 19:23:02 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: a565d9f3-1d93-4147-916f-18d74ebc43e7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 19:23:02 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7352f654-128e-456f-9d27-a6cba812ae88
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D20510280
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 20C3 52 KB
24 KB 21ms
20ms Stylesheet
text/css 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 19:20:58 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 20C3 389 KB
155 KB 26ms
26ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158248
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 19:19:50 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 20C3 39 KB
24 KB 71ms
71ms XHR
application/json 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10b8b3cced97db2b2a4c7f76f23887d5bf77391ff5b939883a5946cec8259c62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&k=6LckSxkUAAAAAPsPs4TtrT-Yp3S9uEF4N_8DMVuZ
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 27 Sep 2022 19:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24156
x-xss-protection: 1; mode=block
expires: Tue, 27 Sep 2022 19:23:02 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
33ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=862801652&t=pageview&_s=1&dl=https%3A%2F%2Fpay2day.ca%2F&ul=en-us&de=UTF-8&dt=Instant%20payday%20loans%20Canada%20%7C%2024%2F7%20Online%20Cash%20Advance%20%7C%20PAY2DAY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1222543752&gjid=1203739968&cid=474614274.1664306581&tid=UA-33283313-1&_gid=1433636381.1664306581&_r=1&gtm=2ou9q0&z=1820303574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay2day.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pay2day.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 85ms
34ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-33283313-1&cid=474614274.1664306581&jid=1222543752&gjid=1203739968&_gid=1433636381.1664306581&_u=aEDAAUABAAAAAC~&z=1532914088

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pay2day.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Sep 2022 19:23:03 GMT
content-type: text/plain
access-control-allow-origin: https://pay2day.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spin-win-popup-background-yellow.jpg
pay2day.ca/wp-content/uploads/2019/08/ 27 KB
27 KB 83ms
82ms Image
image/webp 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pay2day.ca/wp-content/uploads/2019/08/spin-win-popup-background-yellow.jpg
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 27.94.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7e39bc0c4fbfc5747635e1310bf9d4956eb1b29a3ba6f288d54b71028b11a0e7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-b2fb391524a8ad8d3a6a91fee3f8fb57.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:03 GMT
last-modified: Sat, 20 Nov 2021 19:41:09 GMT
server: nginx
etag: "61994f55-6b8e"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 27534
expires: Wed, 27 Sep 2023 19:23:03 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
38ms Image
image/gif 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-33283313-1&cid=474614274.1664306581&jid=1222543752&_u=aEDAAUABAAAAAC~&z=327887903

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 39ms
38ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-33283313-1&cid=474614274.1664306581&jid=1222543752&_u=aEDAAUABAAAAAC~&z=327887903

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 53 KB
17 KB 162ms
48ms Script
text/javascript 2600:9000:20ed:ee00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: pay2day.ca
URL: https://pay2day.ca/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-8a6f5f5000997a97018b2e4915ae14b0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bf08a79b40655c8d77d19af5a176e0173270c34c564c7685493475f2389f1f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: Vddx38ZQKv1IbZ14KTosCACMGBmCuRF1
Content-Encoding: gzip
Etag: W/"ce41fb88f59dfd9edbd6253effb535a4"
Age: 2413
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
Last-Modified: Wed, 07 Sep 2022 21:24:31 GMT
Server: AmazonS3
Date: Tue, 27 Sep 2022 18:42:50 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: PHL50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -HD-uxLD1hmKFJcZOw3hFA5mqKO9eNFVu6Al2Whk7m-d-svXdL56mg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/KHB2EGINOZBOJH3MZOZQPJ/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

64ms
43ms

Script
application/javascript

2600:9000:20ed:ee00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:20ed:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: U3dsSGRYl2soVpEEAxBIaMUfj33DKRpK
Via: 1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 28876
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Wed, 21 Sep 2022 22:19:29 GMT
Server: AmazonS3
Date: Tue, 27 Sep 2022 11:21:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: PHL50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8voK8VYzo6jcLJgXrkr5SJ_pj-r_vvjM2xfYAgO22r8wSk2G3FoeSw==

Redirect headers

Date: Tue, 27 Sep 2022 09:51:45 GMT
Via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
Age: 34278
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: PHL50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nbq8vIUXKfipeR3rnl1_T0neIc3c-vyfYt7HWNhzzvr97kUwGjasKw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

40ms
40ms

Script
application/javascript

2600:9000:20ed:ee00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:20ed:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 21932
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Tue, 27 Sep 2022 13:17:39 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: PHL50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: DdtODvpfutnvjUluV6sUBewCM28mKrjFMQ44DSLNPhRe-GnN072mbA==

Redirect headers

Date: Tue, 27 Sep 2022 11:47:07 GMT
Via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
Age: 27357
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: PHL50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: HF66eTotRnNM6MaawTReQfjHJeRj4m3D-mDRf-hVYDjRiyT5l98FtQ==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/ 0
809 B 119ms
50ms Script
text/javascript 2600:9000:20ed:ee00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: iV4pyIoHmFJizY9qkVqX9ahXfWL9Dfrl
Via: 1.1 8a0d00c8697029a8a8411a2a06403ade.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 1366
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Tue, 27 Sep 2022 01:20:22 GMT
Server: AmazonS3
Date: Tue, 27 Sep 2022 19:00:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: PHL50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: FbsWATGQaFHm27CeWq4ZU8N38bvG8mXe-Cx-vFVWenzNxsZSgGjM4Q==

GET
H2 200 KHB2EGINOZBOJH3MZOZQPJ Show response
d.adroll.com/consent/check/ 449 B
918 B 83ms
24ms Script
application/javascript 3.225.142.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/KHB2EGINOZBOJH3MZOZQPJ?arrfrr=https%3A%2F%2Fpay2day.ca%2F&_s=16b1e6a911a365d0c2d3d576821f4d52&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.142.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-142-71.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 447bb447d3ed9126a4b6b248274e7c34392e454231db3672f0d39aa3d199128c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 449
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 204 /
pay2day.ca/wp-json/pum/v1/analytics/ 0
351 B 444ms
444ms Image
text/plain 35.208.94.27
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pay2day.ca/wp-json/pum/v1/analytics/?event=open&pid=14643&_cache=1664306584136

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.208.94.27 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),

Reverse DNS

27.94.208.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:04 GMT
x-content-type-options: nosniff
server: nginx
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-proxy-cache-info: 0 NC:000000 UP:
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-robots-tag: noindex
link: <https://pay2day.ca/wp-json/>; rel="https://api.w.org/"
x-proxy-cache: MISS

GET
H/1.1

200
OK

HKCVHB2XGRGWJFUZWUYQC6.js Show response
s.adroll.com/pixel/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/
Redirect Chain

https://d.adroll.com/pixel/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&pv=42992475141.83786&cookie=&ad...
https://s.adroll.com/pixel/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/HKCVHB2XGRGWJFUZWUYQC6.js

4 KB
2 KB

42ms
42ms

Script
text/javascript

2600:9000:20ed:ee00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/HKCVHB2XGRGWJFUZWUYQC6.js
Protocol: HTTP/1.1
Server: 2600:9000:20ed:ee00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 389484831916a8c904b1d47e06c7fd5c5d1b41c28e74c073f47fe495cc8af240

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

X-Amz-Version-Id: pETocl9YdV8_70gVHK4zE0KnhUIb9djT
Content-Encoding: gzip
Etag: W/"a22232bd30d97301f926ac1734948ddc"
Age: 1365
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Aug 2022 20:48:59 GMT
Server: AmazonS3
Date: Tue, 27 Sep 2022 19:00:20 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: PHL50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nXv6wuU2A-8hGktuvvoEhFWC8r3trQRi-2weZU2886wIzbNd_HxnXA==

Redirect headers

date: Tue, 27 Sep 2022 19:23:04 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 0
pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.20.0
x-rule: *
x-segment-eid: HKCVHB2XGRGWJFUZWUYQC6
location: https://s.adroll.com/pixel/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325/HKCVHB2XGRGWJFUZWUYQC6.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: LLSCWJSGCZFBRNCV5LO325
x-segment-name: *
x-advertisable-eid: KHB2EGINOZBOJH3MZOZQPJ
x-conversion-currency

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 72ms
26ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d.adroll.com
URL: https://d.adroll.com/pixel/KHB2EGINOZBOJH3MZOZQPJ/LLSCWJSGCZFBRNCV5LO325?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&pv=42992475141.83786&cookie=&adroll_s_ref=&keyw=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-xss-protection: 0
pragma: public
x-fb-debug: lQyCd4ifrO8JAlnrz0tWCYhs8MVDrUyezN+TnHwWTClkaqcLiOwYVpzyCm745PuZJdndQ21PP99Qr0oJr2gc2Q==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 19:23:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expiration=1695842584
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expiration=1695842584&C=1

43 B
883 B

152ms
127ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expiration=1695842584&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 75169c992d87a1e1-YYZ
pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3YVdXN5cktjXOgaYUK%2Bnyvg%2FUYReGyME08Hwz4IIxsTjEOd7umspGtsHiMGQhq8epHKVuwCp3mHtw%2FbfLURP515axNFYPBdbBxs%2B%2BPJH1Co7vPVeyglWdw5p2Zw%2BB%2BR7Ey1yNNUyC9jiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpFZdaYeLaYqqAIt7ou85l5YR%2Bp92XFzYz7ctfMw%2F0fIRdirjeLNio67nKxQIkemjPJgYmgbE%2FBFlikAeg850l1L72t%2Fl8%2BxNJUzHjtTSmMxFg5VM8XiubotV3%2BoINL%2BrXSFRPyNcetrFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=105&external_user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expiration=1695842584&C=1
cache-control: no-cache
cf-ray: 75169c9818264009-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expires=365

42 B
766 B

30ms
27ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expires=365
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: d3682eda7e5cb79782b1d5475f50e8fc
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&expires=365
pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

0
308 B

157ms
31ms

Image
text/plain

64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
Protocol: HTTP/1.1
Server: 64.202.112.223 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 19:23:04 GMT
Cache-Control: no-cache
X-TraceId: 5492313171df23684c0eaf2bc38608ef
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
493 B

148ms
48ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

0
222 B

82ms
20ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17642

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://eb2.3lift.com/xuid?mid=4714&xuid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

32ms
30ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
324 B

31ms
27ms

Image
text/plain

52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:23:04 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 169
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://x.bidswitch.net/sync?dsp_id=44&user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

43 B
510 B

37ms
35ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 19:23:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
Date: Tue, 27 Sep 2022 19:23:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://ib.adnxs.com/setuid?entity=172&code=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

43 B
1 KB

68ms
27ms

Image
image/gif

68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM

Protocol

HTTP/1.1

Server

68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 19:23:04 GMT
X-Proxy-Origin: 149.56.153.178; 149.56.153.178; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6263c884-8b26-4349-84fe-1f28ce65ffd1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=172&code=NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 93
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H3

200

458249.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://idsync.rlcdn.com/377928.gif?partner_uid=5f6c49448eedf4dff6901c1a037ce0b3
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjMQABoNCJibzZkGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=201d3047e0aa5c7cce83a49e32290d457684c646cd8a43c8bfc01cf4c29b5919791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyMDFkMzA0N2UwYWE1YzdjY2U4M2E0OWUzMjI5MGQ0NTc2ODRjNjQ2Y2Q4YTQzYzhiZmMwMWNmNGMyOWI1OTE5NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyMDFkMzA0N2UwYWE1YzdjY2U4M2E0OWUzMjI5MGQ0NTc2ODRjNjQ2Y2Q4YTQzYzhiZmMwMWNmNGMyOWI1OTE5NzkxNDI2YjU0MTdkY2UyMRAAGgwImJvNmQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=2a42bf22-c2dd-4e62-87df-0a49fa164b50

42 B
60 B

43ms
42ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=2a42bf22-c2dd-4e62-87df-0a49fa164b50
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 19:23:04 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=2a42bf22-c2dd-4e62-87df-0a49fa164b50
date: Tue, 27 Sep 2022 19:23:04 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H3

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ
https://us-u.openx.net/w/1.0/sd?id=537103138&val=5f6c49448eedf4dff6901c1a037ce0b3&gdpr=0&gdpr_consent=

43 B
61 B

43ms
40ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=5f6c49448eedf4dff6901c1a037ce0b3&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=5f6c49448eedf4dff6901c1a037ce0b3&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 108
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=ca35c5aea7316e0dad350ded253aee8e-1664306584147&arrfrr=https%3A%2F%2Fpay2day.ca%2F&advertisable=KHB2EGINOZBOJH3MZOZQPJ&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=X2xJRI7t9N_2kBwaA3zgsw
https://d.adroll.com/cm/g/in

42 B
537 B

36ms
35ms

Image
image/gif

3.225.142.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Server: 3.225.142.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-142-71.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
server: nginx/1.20.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 19:23:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1247536745447045 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 102ms
78ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1247536745447045?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d34738213b0dbe1797e78a9f8fb4d04464c5ac7dca61e5a14dca13b47f9264c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 3pIzp8FPKIm2DYuMsZ67W0oCD5QjXnTn6dIbxh9YAMqpX3xPs6WQri9EdZXI9vw5sbbRGb9fwZM//toykHqyRw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 19:23:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 60ms
18ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1247536745447045&ev=PageView&dl=https%3A%2F%2Fpay2day.ca%2F&rl=&if=false&ts=1664306584514&cd[segment_eid]=HKCVHB2XGRGWJFUZWUYQC6&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664306584512.5154338&it=1664306584327&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 27 Sep 2022 19:23:04 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 common.js Show response
maps.google.com/maps-api-v3/api/js/50/6/ 246 KB
68 KB 70ms
30ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/50/6/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyB1NTR8jdmzuqXqIA_ywHsU2i6S0hGfSJk&language=en-ca

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f37f4f2ac2c66956043d95284071e516a633f7113819e8a675a68577c82b29ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69343
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 19:19:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 10:43:40 GMT

GET
H3 200 util.js Show response
maps.google.com/maps-api-v3/api/js/50/6/ 158 KB
58 KB 60ms
21ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/50/6/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyB1NTR8jdmzuqXqIA_ywHsU2i6S0hGfSJk&language=en-ca

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c57756950e7e2a4219d67ac9f6822c57a3bd19484e7cd197e7c3b35fccaa05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay2day.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59541
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 19:19:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 09:00:57 GMT

Verdicts & Comments Add Verdict or Comment

294 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 10:37:38	Name: _GRECAPTCHA Value: 09AK_d_368o9Kob8IfXwOqJcc1EiGJgy08iXU_sLQw2VDjYuVZohHHCYypAMw61Gcc5eb7R1XStTlyIg3DvHTJkLA
.pay2day.ca/	1970-01-20 06:19:52	Name: _gid Value: GA1.2.1433636381.1664306581
.pay2day.ca/	1970-01-20 06:18:26	Name: _gat Value: 1
.pay2day.ca/	1970-01-20 15:54:26	Name: _ga_3SQJJ97E1M Value: GS1.1.1664306581.1.0.1664306581.60.0.0
.pay2day.ca/	1970-01-20 08:28:02	Name: _gcl_au Value: 1.1.57125499.1664306582
.bing.com/	1970-01-20 15:40:02	Name: MUID Value: 3597E0FA37A96FFE0CC3F2D636836E14
.bat.bing.com/	1970-01-20 06:28:31	Name: MR Value: 0
.pay2day.ca/	1970-01-20 15:04:02	Name: _privy_7F25A40F7EA8FB08F2F4077E Value: %7B%22uuid%22%3A%227bd69b28-72f6-41ea-a42a-0e49e27f83a1%22%2C%22variations%22%3A%7B%7D%2C%22country_code%22%3A%22CA%22%2C%22region_code%22%3A%22CA_%22%2C%22postal_code%22%3A%22%22%7D
pay2day.ca/	1970-01-20 06:19:52	Name: __ss Value: 1664306581798
pay2day.ca/	1970-01-20 06:18:30	Name: __ss_referrer Value: https%3A//pay2day.ca/
.pay2day.ca/	1970-01-20 06:19:52	Name: _uetsid Value: cd906b803e9911ed9e17555e72829159
.pay2day.ca/	1970-01-20 15:40:02	Name: _uetvid Value: cd909c403e9911ed9cc94dfd9cbf3879
.marketingautomation.services/	1970-01-20 15:54:26	Name: koitk Value: 202209%7C63334d9615e78558d957d38b
pay2day.ca/	1970-01-20 15:54:26	Name: __ss_tk Value: 202209%7C63334d9615e78558d957d38b
.prfct.co/	1970-01-20 15:54:26	Name: pa_uid Value: pa_QvNTMoQMdOBA2wv7p
.prfct.co/	1970-01-20 15:54:26	Name: pa_twitter_ts Value: 1664306582659
.prfct.co/	1970-01-20 15:54:26	Name: pa_yahoo_ts Value: 1664306582687
.prfct.co/	1970-01-20 15:54:26	Name: pa_rubicon_ts Value: 1664306582707
.prfct.co/	1970-01-20 15:54:26	Name: pa_openx_ts Value: 1664306582708
.prfct.co/	1970-01-20 15:54:26	Name: pa_google_ts Value: 1664306582708
.adnxs.com/	1970-01-20 08:28:02	Name: uuid2 Value: 4275696913961491613
.yahoo.com/	1970-01-20 15:04:24	Name: A3 Value: d=AQABBJZNM2MCEHp-1YwBZh3mPW2G3WB_QBcFEgEBAQGfNGM9YwAAAAAA_eMAAA&S=AQAAAkv84xM6ZW7YjYiZy2XhzQA
.openx.net/	1970-01-20 15:04:02	Name: i Value: f4871ea8-435d-4fb0-91c3-8565996c4f2c\|1664306582
.twitter.com/	1970-01-20 15:54:26	Name: personalization_id Value: "v1_aHeTHvRd/qSYdLSPzwCuBg=="
.doubleclick.net/	1970-01-20 15:40:02	Name: IDE Value: AHWqTUklotXBWkn3doG6_LB72tIRQCDXzHGmUpfkuDYHv7dvOrzm1jMLtfIly1gOVsw
.rubiconproject.com/	1970-01-20 15:04:02	Name: khaos Value: L8KL623X-E-KXXP
.pay2day.ca/	1970-01-20 15:54:26	Name: _ga Value: GA1.2.474614274.1664306581
.pay2day.ca/	1970-01-20 06:18:26	Name: _gat_gtag_UA_33283313_1 Value: 1
pay2day.ca/	1970-01-20 15:54:26	Name: Pop%20Up%20Open Value: true
.pay2day.ca/	1970-01-20 15:04:24	Name: __adroll_fpc Value: ca35c5aea7316e0dad350ded253aee8e-1664306584147
.pay2day.ca/	1970-01-20 15:04:02	Name: __ar_v4 Value: %7CKHB2EGINOZBOJH3MZOZQPJ%3A20220927%3A1%7CLLSCWJSGCZFBRNCV5LO325%3A20220927%3A1%7CHKCVHB2XGRGWJFUZWUYQC6%3A20220927%3A1
.rubiconproject.com/	1970-01-20 15:04:02	Name: audit Value: 1\|49165SZkKRU7Pckq2q2f03+p+wT6r3JISovcPztPlWbWaDs14xzbSCXE/hWNfIQnpjhbnRLVVIOM1KxoLazIt7wcSxV5yjQqXQ4+q/PRwAvsuzotweO7hvk/LODV/VhdisIcd5dNM5hVm7Dwy6gMmtGqyvY3ClgWR9e56vpx9sjQD5U7tEfUTQ==
.analytics.yahoo.com/	1970-01-20 15:04:02	Name: IDSYNC Value: "18z4~27ej:1770~27ej"
.taboola.com/	1970-01-20 15:04:02	Name: t_gid Value: 071c556a-1096-4788-bd2e-8225f758c987-tucta2cd318
.adnxs.com/	1970-01-20 08:28:02	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GTxlX<]c!]taa8i_ipexoDI?dHv's7=Av[c)OMUY%g8sCH<]]N#u^lin`n(FF`P1ctlsPU5sY]<WU2:6wK_i9u0TD._PlZ[C[-kX-hawk2
.3lift.com/	1970-01-20 08:28:02	Name: tluid Value: 4204001078654601345803
.rlcdn.com/	1970-01-20 15:04:02	Name: rlas3 Value: mZ5to67xYrvgwONw6gsMUFIvsv7QE8IaAxHDja9Hv0I=
.casalemedia.com/	1970-01-20 15:04:02	Name: CMID Value: YzNNmALTZRuDf7WHmRzSXAAA
.casalemedia.com/	1970-01-20 08:28:02	Name: CMPS Value: 149
.casalemedia.com/	1970-01-20 08:28:02	Name: CMPRO Value: 149
d.adroll.com/	1970-01-20 15:47:14	Name: __adroll Value: 5f6c49448eedf4dff6901c1a037ce0b3-g_1664306584-a_1664306584
.adroll.com/	1970-01-20 15:47:14	Name: __adroll_shared Value: 5f6c49448eedf4dff6901c1a037ce0b3-g_1664306584-a_1664306584
.pubmatic.com/	1970-01-20 08:28:02	Name: KRTBCOOKIE_10 Value: 22808-NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM&KRTB&22883-NWY2YzQ5NDQ4ZWVkZjRkZmY2OTAxYzFhMDM3Y2UwYjM
.pubmatic.com/	1970-01-20 07:01:38	Name: PugT Value: 1664306584
.bidswitch.net/	1970-01-20 15:04:02	Name: tuuid Value: 7ee710fd-ed86-4367-ae49-b83a84867904
.bidswitch.net/	1970-01-20 15:04:02	Name: c Value: 1664306584
.bidswitch.net/	1970-01-20 15:04:02	Name: tuuid_lu Value: 1664306584
.outbrain.com/	1970-01-20 08:28:02	Name: obuid Value: f2f331ad-8be8-45ab-a89d-a38624f780f4
.rlcdn.com/	1970-01-20 07:44:50	Name: pxrc Value: CJibzZkGEgUI6AcQABIFCOhHEAA=
.pay2day.ca/	1970-01-20 08:28:02	Name: _fbp Value: fb.1.1664306584512.5154338
.pippio.com/	1970-01-20 15:04:02	Name: did Value: JBu5A-25FHAFqFqN
.pippio.com/	1970-01-20 15:04:02	Name: didts Value: 1664306584
.pippio.com/	1970-01-20 07:44:50	Name: nnls Value:
.casalemedia.com/	1970-01-20 08:28:02	Name: CMTS Value: 011
.pippio.com/	1970-01-20 07:44:50	Name: pxrc Value: CJibzZkGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/	1970-01-20 15:04:02	Name: rmuid Value: 2a42bf22-c2dd-4e62-87df-0a49fa164b50
.linksynergy.com/	1970-01-20 15:04:02	Name: icts Value: 2022-09-27T19:23:04Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
analytics.google.com
analytics.twitter.com
api.privy.com
assets.privy.com
bat.bing.com
cdn.acsbapp.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
events.privy.com
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
koi-3qndl96j4m.marketingautomation.services
maps.google.com
maps.googleapis.com
pay2day.ca
pippio.com
pixel-geo.prfct.co
pixel.rubiconproject.com
privymktg.com
s.adroll.com
secure.adnxs.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tag.perfectaudience.com
tags.rd.linksynergy.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
web1.acsbapp.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.18.18.126
104.244.42.131
104.36.115.109
107.178.240.224
107.178.254.65
13.224.214.25
138.128.247.123
141.226.224.48
142.250.80.34
142.251.40.194
147.185.239.229
151.101.194.217
2600:9000:20ed:ee00:6:9280:1080:93a1
2606:4700:10::6816:146c
2606:4700:3036::ac43:8404
2606:4700:e2::ac40:850f
2607:f8b0:4004:c09::9d
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::200e
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2004
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2003
2607:f8b0:4006:823::2008
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.225.142.71
34.236.34.170
34.98.64.218
34.98.67.3
35.190.60.146
35.208.94.27
35.211.178.172
35.71.139.29
52.45.33.138
64.202.112.223
68.67.160.76
68.67.161.208
69.173.151.100
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
07f66f55f69d2e2f4c5504e36440114d42e05cce820efde07de5fa2184e957e1
10845f7568b352834dd5ae371b2a791b919c434c8b21d8bff8027e733b00ae6a
10b8b3cced97db2b2a4c7f76f23887d5bf77391ff5b939883a5946cec8259c62
139d66ae9a5a6b7f89d57c7653fd2b8cdb0c1b18b3bb17a56ec860a3e78e467e
1560e0e0ca4caefe42f84c4c0ccbc328e5b6b0a6518a0b9f9430b2b2fba826a6
156ac9492c55e5bc2846ed934e63b022f623421935091d036d890ce8567327f9
1769a9734402e1f653766fdbbcd4070dd8e93da30caebfd01dea5dc43ca648d6
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
2104b36d6f0fd483dc7cda1c60bb5a8d7ee22d5d45af272fe6fa7ed038180204
216bf39dd574cec0d7ab0830c4b30ad207d378b6957338ad96cea7621f0e3e8b
23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9
27e545e0bb0fd6d4b69386603f386a3b907f2654633f1fe5e80631e8eb98ddd5
287be2b4655497bb6e136e3aa7b7416137f01acdf217e188564f0981a9dea12c
28cb4a0b3a910b1da57930ca1cd3261590c19559312358634f3ddef679ab0e09
28fc2b5d89f3dceaa8f2f3482578ed5979d77a47f1edd03cac5c025dbe494985
2b890f5cb5d0927538bb24f4b28bd703dee2ce7793fbecba723bf3d12d51e78e
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
302da93a523308ba422ef8506875eab7141701712c0455a1da6157760c330b25
33838de8926e3b58395b1bc92f558e6ea5fd2c6700ed2785959dd14fe709e231
35e866fcab13656eadebd6f2831b5ce7a087557e4d7d73aa610ef8e6b91f04c2
389484831916a8c904b1d47e06c7fd5c5d1b41c28e74c073f47fe495cc8af240
3a2cb6aaa57918d6a70a7d187cd0212ef7ebc91d6f91b18fddb451edd5f5756a
42c9216570c3ac336bf96e53f8321cbcdbd588c294597bc75ec3224ba35c2657
447bb447d3ed9126a4b6b248274e7c34392e454231db3672f0d39aa3d199128c
466afbadbc738b42fa5cef128cedeab4e1fab2aaf5e438ec729557dee0f3d2f3
476bd2c2b294afadf8e0b13ba5e38c467c2f6fd89b21e87165deab021018f314
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baa439c116f7b568f95147360c99dce67103595ed96c8f3f6359f6f76e4defd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508b41fe32849ab2f6fbd59ef023d2ae1cb0bead935fd7164e94c7d92c1fee92
523493b30ff2aa6cf26323a6d9b49b20ede09cf8b395beeec76cd17f8e7c3069
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
596b56fa7ba910664d7c517f4ce7b4da3e09e8e6e1024143a2cd50349365a7b4
5ade74a7bea1650d598d7d2786bb9d88f4c43e4f721e8be44cc5be8985558a56
5e72a0c766998679a1b44fc9d4211166e4b7287f3e7ae5d94b01a24b3866a445
6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60
638a8f3624fbfa75dbe8312df4a92c5d3710bd8ef4e82b2f74ce350e4b5657ec
6632fb6a66b8bfc3523d4ff39e6fbfe4a5fe3db3a1a80ac880b1fce221848cf8
6834abd6ce693144f7777ea76a5fb9fc01c6eef027570e12e061f7723b9cfa45
6d603f790cf7795a7c71f700f5a88b087d91b5aa23052fa7abb25e77eeb1b488
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
701815bfd66d3e17763d8040d55213d82f45f5829251929a47be8eeb5879941c
73380f83231f928e80258fb3efb9e5a3ae475b9d4f0f4884b52991c22adac5e8
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7c57756950e7e2a4219d67ac9f6822c57a3bd19484e7cd197e7c3b35fccaa05f
7d650cefeab548e68e23bf0f74accf118cef1621b66c8411eb2113ced097d60c
7e39bc0c4fbfc5747635e1310bf9d4956eb1b29a3ba6f288d54b71028b11a0e7
810bfe95187a036878c650ce40340c279d23eb35b47f6aef151451037f3a891f
8151a4de599aeba7fe35dcceb9b3c56affc7ba3b6c2d1fc9415e385433f2f0cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87f9dd28eeec028a050aa297c049f267f5c853a542a2cc1dccbd010b50f6e855
8967eaba5a80fb1150d3a290e1f894d944ee58ed2b934bf3530d093a2a741985
89a9157d3c6cb92794c5c7489a209e3ca2551beeb7de2e7a0e09c0a049a059bc
8bf08a79b40655c8d77d19af5a176e0173270c34c564c7685493475f2389f1f6
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
926f767fec2a5ed3a610735fde7861c24c9c15fa136d9a85d111c2b9ec4a0fa0
93d6483e1e5f9a8f566138165402377719ee0e58b045e74d9b24d1270efa6af9
94041c0a34cfbe8a9703febbdb4f00b4fa67577bce037bed625636ba9bdd636d
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9bc0cb0072663c95f2eeb40b8936582e7264d17d5757be6f24f4382973cde2af
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9d34738213b0dbe1797e78a9f8fb4d04464c5ac7dca61e5a14dca13b47f9264c
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0640c2bafbea6e239ac2d24cc5c911d9b2b169ae9978a865cae44c8b3916d05
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a342348d9e6e675e9a6dc0acf59e9b48f37b0d51408a5ef8722faf5971d662d2
a4f33558ec884158b2b139ca81a5172e64ffb9e3b70cf708ceb33043c57a844d
a53864785edb3b7e6f645c509b0adef6c6001af091d70f9abfc65bae96322bd2
a8624663a2fa33d37d43256eb4c3f6223e6c285d83c2a09d6c0b1c4749580e3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9b66e3c99e02a27c8e4d880559175c358362265d9806dc91dbd187659caf107
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc4b410a4de56bb3aa4c7e279e694838c5a4f17bed567d0cec60aa8d9b2ae31c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c010c3c4c13bfc530a6c9ad6842c1d93463af4479a0b9fa6466b0eb6c515bfe6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
db490d0e782d70ca57c6859b52a0d1cc2e0e2b6f3b5f471c3f96d05120c0bbd9
db4c648e3080923d7d7714ed2784c1d7607700770c39e2abf2791b02f7fdb924
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb9cfb4b2088cea4da18a4b4f989531674d8d2f24e66c441f6ab3e7780ba3a9
df24d3b938c33d2fd24254a3c84867901c7b997bcd79f356558082eb9cda9222
df930b85a1044e89ed216e014af0dcac8a9b58034244c516702856b0c1e25841
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c846f4f9d07f1b3828978175bf8c581be0495c6712948540d175341aa39e8c
e578c3357982c69247cbd5d1680a0fb8d34df39b25c4bcd83d4177b0b9bd5b76
ec747cae2c3701427039d78f0dd594e675ba289b850e86996264da0e88e5e743
ecb90ddc4a9e73c9640606c8780ec25f10633df3ec80cc4e6c2fcbb5601b4bd1
eded00575f65de726a63f811022d119ed582721233e74343735cad53930c2a76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fda8f5bf32785d7d9bc1d8a21c43b02c6fdd332305b1053e54252496f496ac
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f37f4f2ac2c66956043d95284071e516a633f7113819e8a675a68577c82b29ad
f479b4f7603b89061cc4c957c08fc586cbe1f191d9397954b38b7c4799cbbb27
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f86a5f127aa01221204cc5375d67a2197223bb9debea575efb9da87a01056e53

pay2day.ca Open in urlscan Pro 35.208.94.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

82 %HTTPS

42 %IPv6

35 Domains

48 Subdomains

39 IPs

2 Countries

2661 kBTransfer

8041 kBSize

57 Cookies

9 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pay2day.ca Open in urlscan Pro
35.208.94.27 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

82 %
HTTPS

42 %
IPv6

35
Domains

48
Subdomains

39
IPs

2
Countries

2661 kB
Transfer

8041 kB
Size

57
Cookies

135 HTTP transactions
0 data transactions