paylesstoconnect.ca Open in urlscan Pro
2620:1ec:bdf::35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paylesstoconnect.ca/
Submission: On January 06 via manual (January 6th 2022, 1:18:37 pm UTC) from IN — Scanned from CA

Summary HTTP 81 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 1 countries across 21 domains to perform 81 HTTP transactions. The main IP is 2620:1ec:bdf::35, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is paylesstoconnect.ca.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on February 26th 2021. Valid for: a year.

This is the only time paylesstoconnect.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2620:1ec:bdf::35 2620:1ec:bdf::35	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
13	2606:2800:220... 2606:2800:220:131d:1d30:1f1d:238b:1e56	15133 (EDGECAST) (EDGECAST)
1	2600:9000:21d... 2600:9000:21da:b600:d:9da0:f1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
1 3	2600:9000:21d... 2600:9000:21da:e00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
8 10	52.21.125.8 52.21.125.8	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9a	15169 (GOOGLE) (GOOGLE)
1 2	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.213.3.60 3.213.3.60	14618 (AMAZON-AES) (AMAZON-AES)
1	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:220... 2606:2800:220:1410:489:141e:20bb:12f6	15133 (EDGECAST) (EDGECAST)
81	24

19 2620:1ec:bdf::35 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

paylesstoconnect.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:b600:d:9da0:f1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1tdp7z6w94jbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21da:e00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.21.125.8 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-125-8.compute-1.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.162.21 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.3.60 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-3-60.compute-1.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1000 (Ashburn, United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:1410:489:141e:20bb:12f6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	paylesstoconnect.ca paylesstoconnect.ca	1 MB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 546 syndication.twitter.com — Cisco Umbrella Rank: 767	439 KB
14	gstatic.com fonts.gstatic.com	306 KB
13	adroll.com 9 redirects s.adroll.com — Cisco Umbrella Rank: 2208 d.adroll.com — Cisco Umbrella Rank: 1320	24 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1772 ka-p.fontawesome.com — Cisco Umbrella Rank: 3941	75 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	587 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	200 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 258 fonts.googleapis.com — Cisco Umbrella Rank: 37	10 KB
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1340 pbs.twimg.com — Cisco Umbrella Rank: 691	7 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 355	736 B
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 249 ads.yahoo.com — Cisco Umbrella Rank: 722	1 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 293	815 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 726	221 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 481	547 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 695	477 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 270	796 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	441 B
1	cloudfront.net d1tdp7z6w94jbb.cloudfront.net	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	36 KB
81	21

	Domain	Requested by
19	paylesstoconnect.ca	paylesstoconnect.ca
14	fonts.gstatic.com	fonts.googleapis.com
13	platform.twitter.com	paylesstoconnect.ca platform.twitter.com
10	d.adroll.com	8 redirects s.adroll.com
4	ka-p.fontawesome.com	kit.fontawesome.com paylesstoconnect.ca
3	www.facebook.com	paylesstoconnect.ca
3	connect.facebook.net	paylesstoconnect.ca connect.facebook.net
3	s.adroll.com	1 redirects paylesstoconnect.ca
2	eb2.3lift.com	1 redirects paylesstoconnect.ca
2	pixel.advertising.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects paylesstoconnect.ca
2	syndication.twitter.com	platform.twitter.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	paylesstoconnect.ca ajax.googleapis.com
1	pbs.twimg.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	sync.taboola.com	paylesstoconnect.ca
1	ads.yahoo.com	paylesstoconnect.ca
1	simage2.pubmatic.com	paylesstoconnect.ca
1	sync.outbrain.com	paylesstoconnect.ca
1	ups.analytics.yahoo.com	paylesstoconnect.ca
1	pixel.rubiconproject.com	paylesstoconnect.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	d1tdp7z6w94jbb.cloudfront.net	paylesstoconnect.ca
1	www.googletagmanager.com	paylesstoconnect.ca
1	kit.fontawesome.com	paylesstoconnect.ca
1	ajax.googleapis.com	paylesstoconnect.ca
81	27

This site contains links to these domains. Also see Links.

Domain
policy.teksavvy.com

Subject Issuer	Validity	Valid
paylesstoconnect.ca RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-26` - `2022-03-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-15` - `2022-01-13`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-24` - `2022-03-23`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://paylesstoconnect.ca/
Frame ID: 4BD094A1EC62B8A72CCB18D4263910FB
Requests: 66 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fpaylesstoconnect.ca
Frame ID: 2C8EC0122266C8888AE94555454E30E3
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: ADCA111440491FA96BE99D1A5DBCCF4F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pay Less To Connect

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

89 %
HTTPS

60 %
IPv6

21
Domains

27
Subdomains

24
IPs

1
Countries

2547 kB
Transfer

4590 kB
Size

28
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://policy.teksavvy.com/hubfs/PLTC%20V5/PLTC%20Election%20Backgrounder.pdf
Title: Backgrounder

Search URL Search Domain Scan URL

URL: https://policy.teksavvy.com/hubfs/PLTC%20V5/TEKSAVVY_Affordability_Omni.pdf
Title: Poll

Search URL Search Domain Scan URL

URL: https://policy.teksavvy.com/hubfs/PLTC%20V5/TekSavvy-MediaRelease-AffordabilityElectionBackgrounder.pdf
Title: Press Release

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://s.adroll.com/j/exp/UUVLSG5ARBEWJL7WWPIHPY/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 54

https://d.adroll.com/cm/index/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expiration=1673011112 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expiration=1673011112&C=1

Request Chain 55

https://d.adroll.com/cm/n/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expires=365

Request Chain 56

https://d.adroll.com/cm/onevideo/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP2590618a-6ef3-11ec-b4eb-0e2a084b0ec7

Request Chain 57

https://d.adroll.com/cm/outbrain/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY

Request Chain 58

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 59

https://d.adroll.com/cm/r/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 60

https://d.adroll.com/cm/taboola/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY

Request Chain 61

https://d.adroll.com/cm/triplelift/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
paylesstoconnect.ca/ 18 KB
18 KB 1248ms
111ms Document
text/html 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bd389919aaec167ea0252ff7d312eee84e875a9a5a4b8128cb12baebe7f03c29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-length: 17950
content-type: text/html
content-md5: 1EVbngf1k8aWitmsKauPMA==
last-modified: Mon, 20 Sep 2021 14:24:57 GMT
accept-ranges: bytes
etag: "0x8D97C426C81EA8E"
x-ms-request-id: 42e8d452-c01e-0032-5eff-026e71000000
x-ms-version: 2018-03-28
x-cache: CONFIG_NOCACHE
x-azure-ref: 0J+zWYQAAAADHJX7rMuDgSbSoqVwHrmBQWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
date: Thu, 06 Jan 2022 13:18:30 GMT

GET
H2 200 normalize.css
paylesstoconnect.ca/styles/ 8 KB
8 KB 28ms
26ms Stylesheet
text/css 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/styles/normalize.css
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 25194b73ec31c5fa1e315cd30fd7428f4075d725740663aea2e60d1de61288cb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:30 GMT
last-modified: Tue, 03 Aug 2021 13:46:18 GMT
content-md5: UZEh+kzfZ4KkwcQSVkYF4g==
etag: "0x8D9568511F46C45"
x-azure-ref: 0J+zWYQAAAABwunFjTBELRZY3xOzLP/b0WU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: text/css
x-ms-request-id: 42e8d45e-c01e-0032-69ff-026e71000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 8127

GET
H2 200 webflow.css
paylesstoconnect.ca/styles/ 40 KB
40 KB 74ms
72ms Stylesheet
text/css 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/styles/webflow.css
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e9c53a0b361998d6a76af01b183fedcfaf27d51b21350be94540ad22db81f597

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:18 GMT
content-md5: ZsRBNhaQSZmZHaxnjwfuoA==
etag: "0x8D95685120203B5"
x-azure-ref: 0J+zWYQAAAACg1XhTpCAXSLqh/vSjvAYfWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: text/css
x-ms-request-id: aa62cf88-d01e-0026-57ff-02ad15000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 41206

GET
H2 200 main.css
paylesstoconnect.ca/styles/ 21 KB
22 KB 61ms
60ms Stylesheet
text/css 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/styles/main.css
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 343bf2a4793f32f4618d6d2faec8cf021b3329866328c90a8b95ff6aa39fe7ae

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Mon, 20 Sep 2021 14:24:11 GMT
content-md5: BH19BeULGFaQ96eCD1I22Q==
etag: "0x8D97C425114F6DB"
x-azure-ref: 0J+zWYQAAAACv4B1sr9mTSonfc4s8NEbNWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: text/css
x-ms-request-id: f5079e1c-301e-0027-59ff-02ace8000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 21852

GET
H2 200 modal.css
paylesstoconnect.ca/styles/ 4 KB
4 KB 45ms
44ms Stylesheet
text/css 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/styles/modal.css
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e8e1e0d9f5a8eae5876f887452063cd14c91c5804c0b476b652e64b442e3d624

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Mon, 20 Sep 2021 14:24:38 GMT
content-md5: q5VM/iHkQxM2tfb7qcbsRQ==
etag: "0x8D97C4261318293"
x-azure-ref: 0J+zWYQAAAABgIEvagF89R4BZhwCu9fudWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: text/css
x-ms-request-id: 42e8d462-c01e-0032-6cff-026e71000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 3655

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.4.7/ 17 KB
7 KB 76ms
22ms Script
text/javascript 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 01:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6756
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 31 Dec 2022 01:16:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 94ms
40ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@500;600;700&display=swap

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cecea24728484accfdeb4899b6feb3949c771dd4f3cd636931f5aa12c361024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:18:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 13:18:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 13:18:31 GMT

GET
H2 200 73ad97704e.js Show response
kit.fontawesome.com/ 11 KB
4 KB 105ms
73ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/73ad97704e.js

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

514e2a40ced8a53a13af1d97d1b50cadeb26363dbfb7af33b54e4cd798ae5049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://paylesstoconnect.ca/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6c953b970c737138-YUL
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FsdX2d4pX8pTwnYNf-bC

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 128ms
61ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137276941-1

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5774c7b88516fc571f8ff35d04a951c2a02c414d12d78ae82bd724b7d06e71da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36169
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jan 2022 13:18:31 GMT

GET
H2 200 payless-logo-red.svg
paylesstoconnect.ca/images/ 5 KB
5 KB 100ms
96ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/payless-logo-red.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3aaffecb7b1290375fca7efb9ad634afb4df44b708a1969049792cf4f4ce8951

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:17 GMT
content-md5: PAk7FLoe9CaCf5ATtN7IeA==
etag: "0x8D956851192D691"
x-azure-ref: 0J+zWYQAAAAB8vHA6S2PwQ5Fssc8wuWujWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: 7a8d0d72-401e-0045-14ff-02eb30000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 5244

GET
H2 200 theif.svg
paylesstoconnect.ca/images/ 30 KB
30 KB 103ms
99ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/theif.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d68d241183aaaa5d743463bd5af07f5cd459e8931cae4fa0189cbee8fdd5ad4a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:17 GMT
content-md5: Sc9Rk57rYyZbBPqawgzTRA==
etag: "0x8D9568511BA3D12"
x-azure-ref: 0J+zWYQAAAAAuUHvDJSIlTYwIbcK/Adg2WU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: 0bc78e61-601e-0016-06ff-02f73f000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 30431

GET
H2 200 chevron-down.svg
paylesstoconnect.ca/images/ 375 B
571 B 102ms
98ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/chevron-down.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6fcedb9e973c1d3a06b531532596efb93fdcae291b24087dfd09cf24b4362fa3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:17 GMT
content-md5: SiKzl/9gYq2i//BZu6FHGQ==
etag: "0x8D95685115CC6F7"
x-azure-ref: 0J+zWYQAAAADI95kPgrjBTaf9ECYekefnWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: a77f1145-a01e-0044-1aff-02eacd000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 375

GET
H2 200 theif-phone-long.svg
paylesstoconnect.ca/images/ 30 KB
30 KB 115ms
112ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/theif-phone-long.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c56b295da16cc41ea87c3b6dcc4d10db39f3a10133ef38b87d0ecc19fe1b8c84

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:17 GMT
content-md5: 09cEpA+UN/S75cg/gQBvbQ==
etag: "0x8D9568511B5A83D"
x-azure-ref: 0J+zWYQAAAAAHynymKigaSq0Xf/GUOGO6WU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: aaee0c09-c01e-0010-2dff-020047000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 30477

GET
H2 200 vote-hero.svg
paylesstoconnect.ca/images/ 24 KB
25 KB 110ms
106ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/vote-hero.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1cc3ebf9ef7f4d93ce0fccfd2c3506b1d6da8b49ffabdbd00275bff6dda92be8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Wed, 25 Aug 2021 19:30:05 GMT
content-md5: 52Ko/CNOR8shsCYZZSS/VA==
etag: "0x8D967FEBE189CF4"
x-azure-ref: 0J+zWYQAAAAANxvINSqmkR54+ts9x1loWWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: 23481021-f01e-003a-1cff-027502000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 24896

GET
H2 200 pencil-vote.svg
paylesstoconnect.ca/images/ 254 KB
254 KB 119ms
116ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/pencil-vote.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 02cc9497d27db5c3139b36fae70b70af832c252f16a3d53be2709625305448a2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Wed, 25 Aug 2021 19:29:32 GMT
content-md5: 5TUwQedbDO/F26DcOv6CEg==
etag: "0x8D967FEAA84D240"
x-azure-ref: 0J+zWYQAAAABX1iyCC7XJRJsn+jig26n8WU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: e9dda29b-f01e-0018-39ff-021b34000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 259921

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 214ms
32ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/81B9) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 979
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29126
x-tw-cdn: VZ
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (cha/81B9)
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 stocks-dollars.svg
paylesstoconnect.ca/images/ 123 KB
123 KB 38ms
36ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/stocks-dollars.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 29770a880856498b98ba3e5645aa82cf7986268ccb172a48de4417bf3e2db339

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Wed, 25 Aug 2021 19:29:49 GMT
content-md5: TAp2nbP4aiENCo3TUBVj5A==
etag: "0x8D967FEB43ED552"
x-azure-ref: 0J+zWYQAAAABAqt/bzUM3RrwRARkXluTmWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: f5079e46-301e-0027-76ff-02ace8000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 125969

GET
H2 200 phone-stealing-money.svg
paylesstoconnect.ca/images/ 8 KB
9 KB 37ms
34ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/phone-stealing-money.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 54c579a1e0827e85ec530fda9c5873a28493f7389aadafdcd6682ffa391e3e0a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:17 GMT
content-md5: /OI9E0r34S7i1A/7KUWEDg==
etag: "0x8D9568511A0951D"
x-azure-ref: 0J+zWYQAAAADOJrFMw9Z3Qb5MJL3vnLodWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: 42e8d4a8-c01e-0032-2bff-026e71000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 8513

GET
H2 200 300000LettersSent.svg
paylesstoconnect.ca/images/ 264 KB
264 KB 42ms
40ms Image
image/svg+xml 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylesstoconnect.ca/images/300000LettersSent.svg
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5edc2eb553e38609310bfd08a62bf4ac4bd2852fbc0a6dff0d4d0a722807ecd8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Mon, 20 Sep 2021 14:23:47 GMT
content-md5: PJpHW6Bk4MTDg8IOODvgdg==
etag: "0x8D97C42429ADBFB"
x-azure-ref: 0J+zWYQAAAAA0wyGH9nXQQICKCVIR3o1IWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: image/svg+xml
x-ms-request-id: aa62cf95-d01e-0026-61ff-02ad15000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 270150

GET
H2 200 jquery-3.3.1.min.js Show response
d1tdp7z6w94jbb.cloudfront.net/js/ 85 KB
30 KB 139ms
68ms Script
application/javascript 2600:9000:21da:b600:d:9da0:f1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tdp7z6w94jbb.cloudfront.net/js/jquery-3.3.1.min.js
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:b600:d:9da0:f1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://paylesstoconnect.ca/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:32 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Thu, 03 Jan 2019 19:14:11 GMT
server: AmazonS3
etag: W/"a09e13ee94d51c524b7e2a728c7d4039"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: cHtYhk1pPpTGdBKn5DyitHVFUrRwlEdb
via: 1.1 5ec6b37107376867228d2ed46a794603.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
content-type: application/javascript
x-amz-cf-id: -_4dnxfFMnXes7uCOCheFM0T7JIQFV-kO0b2KsW79oJoZBRPC22UbA==

GET
H2 200 webflow.js Show response
paylesstoconnect.ca/js/ 556 KB
557 KB 32ms
28ms Script
application/javascript 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/js/webflow.js
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1f6cca85a7d5cf70f70df47c969b034694dad354fdc03b93c01f5f42ef40b704

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:18 GMT
content-md5: FHxzFqaAZY4bKFDJ0wzaDw==
etag: "0x8D9568511DE95B9"
x-azure-ref: 0J+zWYQAAAAC7APswEVZ/QqsNGg5gcmEsWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-ms-request-id: 42e8d4a1-c01e-0032-25ff-026e71000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 569733

GET
H2 200 stepper-tabs.js Show response
paylesstoconnect.ca/js/ 2 KB
2 KB 27ms
23ms Script
application/javascript 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/js/stepper-tabs.js
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8438c211deeef4628b1ffb7f49058f9d57bac88cc51cf6e13d7f5146a0f3c2fc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:17 GMT
content-md5: jKB+ii5rTyeBUxMe1ff1+A==
etag: "0x8D9568511DA27E2"
x-azure-ref: 0J+zWYQAAAAAIm4e8/VfPRLMJdfbUqt+kWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-ms-request-id: f5079e45-301e-0027-75ff-02ace8000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 2164

GET
H2 200 adroll.js Show response
paylesstoconnect.ca/js/ 833 B
1 KB 30ms
25ms Script
application/javascript 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/js/adroll.js
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 81e7171c721da5c468b1f9b9456dd9f14af4af8fed1df045c2e3b5f734ce800a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:17 GMT
content-md5: o2gVBGVjBlRqaVOrdZhEcA==
etag: "0x8D9568511C7FB9E"
x-azure-ref: 0J+zWYQAAAACfllbgVL33RKtmCcqIToHSWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-ms-request-id: aa62cf94-d01e-0026-60ff-02ad15000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 833

GET
H2 200 facebook.js Show response
paylesstoconnect.ca/js/ 557 B
753 B 28ms
23ms Script
application/javascript 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/js/facebook.js
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 26446f3e68def07be8b2635560a33f45bdd0c7c4f53b9809ef70126c735055ec

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:17 GMT
content-md5: e69e5Bsw48+2DtrgrDQ7Sw==
etag: "0x8D9568511CC6967"
x-azure-ref: 0J+zWYQAAAADOtkoMz6GiTJwCCLYSIZHxWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-ms-request-id: 42e8d4a3-c01e-0032-27ff-026e71000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 557

GET
H2 200 stepper-tabs.css
paylesstoconnect.ca/styles/ 4 KB
4 KB 24ms
24ms Stylesheet
text/css 2620:1ec:bdf::35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://paylesstoconnect.ca/styles/stepper-tabs.css
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/styles/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::35 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3fea245db42f618cf7cbd0019afa9f96c347f9be405d923991e62642dda91eee

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/styles/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
last-modified: Tue, 03 Aug 2021 13:46:18 GMT
content-md5: y/5JBj5Q7751SLHL0n94Zw==
etag: "0x8D9568511F9011A"
x-azure-ref: 0J+zWYQAAAADwRBsXbkWKSqkXZsfr9gznWU1RMDFFREdFMDkwOQBhZTkyNzViNS05ZDk5LTRjOGUtYTA3ZS00NmExMjJiZGUzMzQ=
x-cache: CONFIG_NOCACHE
content-type: text/css
x-ms-request-id: 42e8d474-c01e-0032-7bff-026e71000000
x-ms-version: 2018-03-28
accept-ranges: bytes
content-length: 3872

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 42ms
41ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

906d4eaab45c2ecfd1be2c35d388fa74b6b3e6aa2764cc2b53a51f9c3f9536d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:18:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 06 Jan 2022 13:18:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jan 2022 13:18:31 GMT

GET
H2 200 S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 21 KB
21 KB 92ms
30ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHh30AXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CRoboto:100,300,regular,500,700,900%7CCabin:regular,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d971119a046fb86eeec343e50c680c36a72eb2df85521c8f343dc9678924398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 12:57:21 GMT
x-content-type-options: nosniff
age: 519670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21580
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 12:57:21 GMT

GET
H2 200 S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v20/ 17 KB
17 KB 86ms
25ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u-w4BMUTPHjxsIPx-oPCI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d10280e8071d96d42984b8a0fe9eb713babef562cfe8e31bc28fbf65c46e126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 09:40:25 GMT
x-content-type-options: nosniff
age: 272286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17024
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 09:40:25 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 146ms
88ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:38:11 GMT
x-content-type-options: nosniff
age: 63620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 19:38:11 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 17 KB
17 KB 141ms
86ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:05:12 GMT
x-content-type-options: nosniff
age: 519199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:05:12 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 138ms
85ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 12:55:06 GMT
x-content-type-options: nosniff
age: 519805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 12:55:06 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 115ms
64ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 07:27:43 GMT
x-content-type-options: nosniff
age: 453048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 01 Jan 2023 07:27:43 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 102ms
57ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:29 GMT
x-content-type-options: nosniff
age: 17282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 06 Jan 2023 08:30:29 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 148ms
105ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:48:17 GMT
x-content-type-options: nosniff
age: 63014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24428
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 19:48:17 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 129ms
95ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 07:31:32 GMT
x-content-type-options: nosniff
age: 452819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 01 Jan 2023 07:31:32 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 126ms
93ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad68b1eebdd10516b4cd884ca26e3f2f6086efc2a025badffb5f08e7fb110807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 09:19:33 GMT
x-content-type-options: nosniff
age: 273538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23696
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 09:19:33 GMT

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v18/ 25 KB
26 KB 75ms
42ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v18/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4632f2a6b880931a9a2468fe53828f3a5a4b0934d9f4f6f37d6831214469a07e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:02:25 GMT
x-content-type-options: nosniff
age: 519366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26104
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:56:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:02:25 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 38ms
36ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=73ad97704e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/73ad97704e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 46918
etag: "610ae215-d3b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6c953b98beaf7138-YUL
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 22ms
21ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=73ad97704e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/73ad97704e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 46918
etag: "610ae215-1062"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6c953b98beb17138-YUL
content-length: 4194

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 27 KB
3 KB 24ms
23ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=73ad97704e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/73ad97704e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 46918
etag: "610ae215-a2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6c953b98beb27138-YUL
content-length: 2603

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v16/ 32 KB
32 KB 115ms
99ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 09:14:13 GMT
x-content-type-options: nosniff
age: 273858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32876
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 09:14:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 104ms
89ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 08:30:30 GMT
x-content-type-options: nosniff
age: 17281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 06 Jan 2023 08:30:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 61ms
28ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 07:38:42 GMT
x-content-type-options: nosniff
age: 452389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 01 Jan 2023 07:38:42 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/UUVLSG5ARBEWJL7WWPIHPY/ 54 KB
17 KB 120ms
31ms Script
text/javascript 2600:9000:21da:e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/UUVLSG5ARBEWJL7WWPIHPY/roundtrip.js
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/js/adroll.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8b20df7dac89c189a39ee10084516e09be14b086764aa134c13f7a5caf93db7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: _QYt9pqPzCZFgEevBRorVM.eecotI.Jr
Content-Encoding: gzip
Etag: W/"2debab0677bd5fdf1d3449b0a5485d28"
Age: 1634
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
Last-Modified: Wed, 05 Jan 2022 18:21:15 GMT
Server: AmazonS3
Date: Thu, 06 Jan 2022 12:51:19 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: MyS3P_l382v7yb3_TyHEtALrnJpGDbdjneSKKI2gUjLuO8VDhzxWmg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 100ms
32ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/js/facebook.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: EKLh1dg3O0KNhBqeWclvYSgTHauGzUsehIN+UitJPwHB/fFlfT/KAWdPyuqiaKUXPPE6FuRfwnjHRVEO4V4jaQ==
x-fb-trip-id: 1814657579
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 06 Jan 2022 13:18:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pro-fa-light-300-5.11.1.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 11 KB
11 KB 138ms
137ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-light-300-5.11.1.woff2
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2698da8df8781bf12a07d76bab5c6353fbb730a8138fcaa1371c4950ad7c461

Request headers

Referer: https://paylesstoconnect.ca/
Origin: https://paylesstoconnect.ca
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:32 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:32 GMT
server: cloudflare
etag: "610ae358-2a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6c953b9bcc3d7138-YUL
content-length: 10860

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 2C8E 319 KB
103 KB 32ms
32ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fpaylesstoconnect.ca
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8197) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2393528
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Jan 2022 13:18:32 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (cha/8197)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
24ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137276941-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3400
date: Thu, 06 Jan 2022 12:21:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 06 Jan 2022 14:21:52 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/UUVLSG5ARBEWJL7WWPIHPY/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

23ms
23ms

Script
application/javascript

2600:9000:21da:e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: HTTP/1.1
Server: 2600:9000:21da:e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 20292
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Thu, 06 Jan 2022 08:08:22 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: zzvekxbpgaykLeGpuCBd39USVRo7z6shb3zjPKpNgFqtWPK8xcPshQ==

Redirect headers

Date: Thu, 06 Jan 2022 03:06:44 GMT
Via: 1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
Age: 36707
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: EWR53-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: peQfyTuSnTcTEtVgtumWqe6SqcuahpC9r79_B8EnWEZeLwSFOQxgrQ==

GET
H3 200 1458126871017398 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 164ms
134ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1458126871017398?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

768e3301c4acb945b0c1c7feb4182a33108c536583c4d52045fbfe7937c1e659

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: dDIt4qYQpM8sAjcQM5IICRYfQK83tDiPDVRhp4PsdUbrYLKH2KIy0iBQS22pDUgxHG53IwFx+rQtwfnoJfGIzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 06 Jan 2022 13:18:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 2C8E 233 B
449 B 164ms
57ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4b23a1a91b36162feeaee088a0f54778553f3838

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fpaylesstoconnect.ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 06 Jan 2022 13:18:32 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 13:18:32 GMT
server: tsa_b
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 306d48155216f067f364e2b4b03df92d4772c945564976d939c6c8df67c96079
content-length: 167

GET
H2 200 UUVLSG5ARBEWJL7WWPIHPY Show response
d.adroll.com/consent/check/ 396 B
865 B 98ms
27ms Script
application/javascript 52.21.125.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/UUVLSG5ARBEWJL7WWPIHPY?arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&_s=a201825b162ac5b71289853e8e7dcd2d&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/UUVLSG5ARBEWJL7WWPIHPY/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.125.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-125-8.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: f1822ed57889bb9de2193a6dc187ef87eb5e3357c712e027b59acfe44c1dc5d2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-type: application/javascript
content-length: 396
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 63ms
34ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1284080441&t=pageview&_s=1&dl=https%3A%2F%2Fpaylesstoconnect.ca%2F&ul=en-us&de=UTF-8&dt=Pay%20Less%20To%20Connect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=74882818&gjid=1017867240&cid=322427147.1641475113&tid=UA-137276941-1&_gid=1124124064.1641475113&_r=1&gtm=2ouc10&z=1645574305

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylesstoconnect.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jan 2022 13:18:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paylesstoconnect.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 137ms
55ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137276941-1&cid=322427147.1641475113&jid=74882818&gjid=1017867240&_gid=1124124064.1641475113&_u=YEBAAUAAAAAAAC~&z=798454318

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylesstoconnect.ca/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 06 Jan 2022 13:18:32 GMT
content-type: text/plain
access-control-allow-origin: https://paylesstoconnect.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RG3SYZBR6ZBAVD4QHCHDSQ Show response
d.adroll.com/segment/UUVLSG5ARBEWJL7WWPIHPY/ 42 B
911 B 27ms
26ms XHR
image/gif 52.21.125.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/UUVLSG5ARBEWJL7WWPIHPY/RG3SYZBR6ZBAVD4QHCHDSQ?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&pv=59132975016.66998&cookie=&adroll_s_ref=&keyw=&adroll_external_data=&adroll_version=2.0
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/UUVLSG5ARBEWJL7WWPIHPY/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.125.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-125-8.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-pixel-eid: RG3SYZBR6ZBAVD4QHCHDSQ
date: Thu, 06 Jan 2022 13:18:32 GMT
x-advertisable-eid: UUVLSG5ARBEWJL7WWPIHPY
x-segment-display-name: PayLess
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.20.0
x-rule: *paylesstoconnect.ca*
x-segment-eid: RS7P5KHASFC33LAEQRIOCF
content-type: image/gif
access-control-allow-origin: https://paylesstoconnect.ca
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-segment-name: 8f56c323
access-control-allow-headers: *
x-conversion-currency

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expiration=1673011112
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expiration=1673011112&C=1

43 B
1 KB

37ms
36ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expiration=1673011112&C=1
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jan 2022 13:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 06 Jan 2022 13:18:32 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jan 2022 13:18:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expiration=1673011112&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Thu, 06 Jan 2022 13:18:32 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expires=365

42 B
796 B

121ms
30ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expires=365
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 29af2665c43893332e84c235bac366c1
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&expires=365
pragma: no-cache
date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/onevideo/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY
https://pixel.advertising.com/ups/55980/sync?uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP2590618a-6ef3-11ec-b4eb-0e...

0
686 B

102ms
30ms

Image
text/plain

52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP2590618a-6ef3-11ec-b4eb-0e2a084b0ec7

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/

Protocol

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:32 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP2590618a-6ef3-11ec-b4eb-0e2a084b0ec7
date: Thu, 06 Jan 2022 13:18:32 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY

0
477 B

118ms
27ms

Image
text/plain

64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: HTTP/1.1
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:32 GMT
Cache-Control: no-cache
X-TraceId: 58d848fe89062027b07e6bf0d1304287
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY
pragma: no-cache
date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 100
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
547 B

88ms
22ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 10:05:35 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug027:0:492
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
443 B

121ms
33ms

Image
text/plain

2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/

Protocol

Server

2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY

0
221 B

75ms
23ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9325

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY
pragma: no-cache
date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.20.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=32c2e6225f5535afe468fca838685b51-1641475112644&arrfrr=https%3A%2F%2Fpaylesstoconnect.ca%2F&advertisable=UUVLSG5ARBEWJL7WWPIHPY
https://eb2.3lift.com/xuid?mid=4714&xuid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
351 B

30ms
30ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 06 Jan 2022 13:18:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 101ms
30ms Image
image/gif 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1458126871017398&ev=PageView&dl=https%3A%2F%2Fpaylesstoconnect.ca%2F&rl=&if=false&ts=1641475112711&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641475112708.77499625&it=1641475112431&coo=false&exp=p0&rqm=GET

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 06 Jan 2022 13:18:32 GMT

GET
H/1.1 200
OK horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js Show response
platform.twitter.com/js/ 7 KB
3 KB 33ms
33ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/81BC) /
Resource Hash: 7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:34:11 GMT
Server: ECS (cha/81BC)
Age: 2393528
Etag: "8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2438

GET
H3 200 417674815090802 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 106ms
105ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/417674815090802?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9da83aeed6057c85dec0ab37c7a3fc7bb816bf3ad1f314df3b8c9432cc62146

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: R4obiqZ3UcYBUJWanIFjeggULbC2JtRpxpZMhXDJv33LF/Osbb1Zrbd03tywSzhO+0WgngsifKyEUn43G3Jnsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 06 Jan 2022 13:18:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame ADCA 487 B
1001 B 32ms
32ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/80E1) /
Resource Hash: 7e99cae469202590f2a4c1afb6fb984d8a842cabebc849559c3659e1c93bd5f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 795
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Jan 2022 13:18:32 GMT
Etag: "b5afbf73ee4d1579f3fb2f618f6accc7"
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (cha/80E1)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H/1.1 200
OK embed.runtime.54a58eb5540918258367.js Show response
platform.twitter.com/embed/ Frame ADCA 8 KB
4 KB 35ms
32ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/80E4) /
Resource Hash: 12c748318ff42d318458ecde073d66441c47dfa28d941be5f42694fc4e02a0ac

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/80E4)
Age: 2393528
Etag: "c5272c96b4a5d0323eb55dac2cf6003d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3522

GET
H/1.1 200
OK embed.modules.66e311263622456867b1.js Show response
platform.twitter.com/embed/ Frame ADCA 519 KB
163 KB 67ms
33ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/81E1) /
Resource Hash: 8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/81E1)
Age: 2393028
Etag: "d2a7d4d81994376470f2560f453ad37b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 166772

GET
H/1.1 200
OK embed.i18n.c052951fae9a0c2b4020.js Show response
platform.twitter.com/embed/ Frame ADCA 146 B
652 B 131ms
32ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/81DE) /
Resource Hash: 9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:32 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/81DE)
Age: 2393528
Etag: "ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 146

GET
H/1.1 200
OK embed.Tweet.7441fbde60739a79657a.js Show response
platform.twitter.com/embed/ Frame ADCA 16 KB
6 KB 135ms
36ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.7441fbde60739a79657a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8093) /
Resource Hash: ac0b312f9cb9d890f38d50965cac80da09e0157a74877d144cf9db089963e1ea

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/8093)
Age: 2393528
Etag: "882fc55e2cbdd922fdb9289839725a36+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5739

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 68ms
32ms Image
image/gif 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=417674815090802&ev=PageView&dl=https%3A%2F%2Fpaylesstoconnect.ca%2F&rl=&if=false&ts=1641475112881&cd[segment_eid]=RS7P5KHASFC33LAEQRIOCF&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=29&fbp=fb.1.1641475112708.77499625&it=1641475112431&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p0&rqm=GET

Requested by

Host: paylesstoconnect.ca
URL: https://paylesstoconnect.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 06 Jan 2022 13:18:32 GMT

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js Show response
platform.twitter.com/embed/ Frame ADCA 29 KB
10 KB 33ms
32ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/81FE) /
Resource Hash: 95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/81FE)
Age: 2321030
Etag: "243d823d043564092099acd4323c5b02+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 9316

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js Show response
platform.twitter.com/embed/ Frame ADCA 4 KB
2 KB 32ms
32ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8093) /
Resource Hash: 015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/8093)
Age: 2393529
Etag: "03f1f219cd32073181398d1f998ecb57+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1733

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js Show response
platform.twitter.com/embed/ Frame ADCA 383 KB
94 KB 33ms
33ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/80C2) /
Resource Hash: 7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/80C2)
Age: 2393529
Etag: "28a37f9b17808aa66f17b1c227be059e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 96013

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js Show response
platform.twitter.com/embed/ Frame ADCA 17 KB
6 KB 32ms
32ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/81E0) /
Resource Hash: 0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/81E0)
Age: 2393529
Etag: "c247e426d2ec154064a87aaff54defce+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5857

GET
H/1.1 200
OK embed.ondemand.Tweet.6e96324b79625228cf29.js Show response
platform.twitter.com/embed/ Frame ADCA 65 KB
16 KB 33ms
33ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.6e96324b79625228cf29.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/8094) /
Resource Hash: 131670c344a1c5951ebc2d33a634177924e089fcb43272238df6292846c698aa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1398014929211383818&lang=en&origin=https%3A%2F%2Fpaylesstoconnect.ca%2F&sessionId=4b23a1a91b36162feeaee088a0f54778553f3838&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 13:18:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (cha/8094)
Age: 2393528
Etag: "e5fb6dfbcdd3dbfd4df66eb8fb597873+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 15650

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame ADCA 846 B
1 KB 255ms
101ms XHR
application/json 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1398014929211383818&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b / Express

Resource Hash

cbee9d5ebb822d1656cf7132f33861177deaff14543af3be0ebf0c697698d77a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"34e-WB/VMEyKeyX/9bsCl8A195cSLtA"
x-powered-by: Express
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
content-length: 538
x-xss-protection: 0
x-response-time: 43
server: tsa_b
x-frame-options: SAMEORIGIN
date: Thu, 06 Jan 2022 13:18:33 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: f77065d1deb28f1c66df8b8bdd232e5291430136c363995e58c23c70ee79ca0e
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 32ms
32ms Image
image/gif 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1458126871017398&ev=Microdata&dl=https%3A%2F%2Fpaylesstoconnect.ca%2F&rl=&if=false&ts=1641475113255&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Pay%20Less%20To%20Connect%22%2C%22meta%3Adescription%22%3A%22With%20the%20stroke%20of%20a%20pen%2C%20the%20federal%20cabinet%20can%20lower%20internet%20bills%20for%20millions%20of%20Canadians%20-%20simply%20by%20enforcing%20the%20CRTC%E2%80%99s%202019%20rate%20decision.%20%20Will%20they%20lower%20your%20cost%20of%20living%2C%20or%20protect%20Big%20Telecom%E2%80%99s%20massive%20profits%3F%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Pay%20Less%20To%20Connect%22%2C%22og%3Adescription%22%3A%22With%20the%20stroke%20of%20a%20pen%2C%20the%20federal%20cabinet%20can%20lower%20internet%20bills%20for%20millions%20of%20Canadians%20-%20simply%20by%20enforcing%20the%20CRTC%E2%80%99s%202019%20rate%20decision.%20%20Will%20they%20lower%20your%20cost%20of%20living%2C%20or%20protect%20Big%20Telecom%E2%80%99s%20massive%20profits%3F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ff.hubspotusercontent40.net%2Fhubfs%2F2173091%2FPLTC%2520V5%2Fpltcv4-social.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1641475112708.77499625&it=1641475112431&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://paylesstoconnect.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 06 Jan 2022 13:18:33 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame ADCA 43 B
380 B 60ms
60ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641475113564%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fpaylesstoconnect.ca%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22860263f%3A1639072779848%22%2C%22item_ids%22%3A%5B%221398014929211383818%22%5D%2C%22item_details%22%3A%7B%221398014929211383818%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 10
pragma: no-cache
last-modified: Thu, 06 Jan 2022 13:18:33 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 306d48155216f067f364e2b4b03df92d4772c945564976d939c6c8df67c96079
x-transaction: 534056df8458c905
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 uBxChWZH_normal.png
pbs.twimg.com/profile_images/1140458003528855552/ Frame ADCA 6 KB
6 KB 46ms
33ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1140458003528855552/uBxChWZH_normal.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (cha/8199) /

Resource Hash

c3beba5f66989ebe7daefa591ab8fbef642317ab4886b6871c9f2bbaf1ff2c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 13:18:33 GMT
x-content-type-options: nosniff
age: 253468
x-cache: HIT
content-length: 5911
x-response-time: 15
surrogate-key: profile_images profile_images/bucket/9 profile_images/1140458003528855552
last-modified: Mon, 17 Jun 2019 03:13:51 GMT
server: ECS (cha/8199)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 17623da5b2c374296d90adce301b474f43a28adf78fad35679fe489a27f27802
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paylesstoconnect.ca/	1970-01-20 17:29:07	Name: _ga Value: GA1.2.322427147.1641475113
.paylesstoconnect.ca/	1970-01-19 23:59:21	Name: _gid Value: GA1.2.1124124064.1641475113
.paylesstoconnect.ca/	1970-01-19 23:57:55	Name: _gat_gtag_UA_137276941_1 Value: 1
d.adroll.com/	1970-01-20 09:26:43	Name: __adroll Value: f413465a925996a2130771753a2b8106-a_1641475112
.adroll.com/	1970-01-20 09:26:43	Name: __adroll_shared Value: f413465a925996a2130771753a2b8106-a_1641475112
.paylesstoconnect.ca/	1970-01-20 08:43:52	Name: __adroll_fpc Value: 32c2e6225f5535afe468fca838685b51-1641475112644
.paylesstoconnect.ca/	1970-01-20 08:43:31	Name: __ar_v4 Value: %7CUUVLSG5ARBEWJL7WWPIHPY%3A20220105%3A1%7CRG3SYZBR6ZBAVD4QHCHDSQ%3A20220105%3A1
.paylesstoconnect.ca/	1970-01-20 02:07:31	Name: _fbp Value: fb.1.1641475112708.77499625
.taboola.com/	1970-01-20 08:43:31	Name: t_gid Value: acd517bd-466d-42cc-b355-6ab5fc4d4576-tuct8d071a8
.pubmatic.com/	1970-01-20 09:33:55	Name: KRTBCOOKIE_10 Value: 22808-ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY&KRTB&22883-ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY
.pubmatic.com/	1970-01-20 00:41:07	Name: PugT Value: 1641463535
.pubmatic.com/	1970-01-20 02:07:31	Name: PUBMDCID Value: 2
.3lift.com/	1970-01-20 02:07:31	Name: tluid Value: 818220825041780180
.advertising.com/	1970-01-20 08:44:57	Name: APID Value: UP2590618a-6ef3-11ec-b4eb-0e2a084b0ec7
.facebook.com/	1970-01-20 02:07:31	Name: fr Value: 0ro14nvY9DE62IkMP..Bh1uwo...1.0.Bh1uwo.
.casalemedia.com/	1970-01-20 08:43:31	Name: CMID Value: YdbsKGqfiA4zNQ56HcK.0AAA
.casalemedia.com/	1970-01-20 02:07:31	Name: CMPS Value: 149
.rubiconproject.com/	1970-01-20 08:43:31	Name: khaos Value: KY2ZWF3O-X-4RZ3
.rubiconproject.com/	1970-01-20 08:43:31	Name: audit Value: 1\|UmG46hh8/RAZBy1iyI1J5QRaWAQPW7UQQDeMLHWiXhuXzu0U2rFvUB4BCqegM/eVokuAQ8oZS8Bw0S94mtzOH6X03m07ywdlM/uPx/DKN36Vn6oT8+TfX6rF1muIiU+naba+fF8JAxwhNCSjQ6KCON9b5W7+40JxDFGV8gAhu76Gf0VK27DdNj+sFLB/WmBAiyTz+DOnHeDc6UO785F0Pw==
.outbrain.com/	1970-01-20 02:07:31	Name: obuid Value: dfc222b0-1b39-4170-9fec-901e3171431e
.outbrain.com/	1970-01-20 00:41:07	Name: adrl Value: ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY
.yahoo.com/	1970-01-20 08:43:52	Name: A3 Value: d=AQABBCjs1mECEJPAI_S-B13IdxbCG0PMeNcFEgEBAQE92GHgYQAAAAAA_eMAAA&S=AQAAApR2yQJLevWVt3eVeFlX13Q
.casalemedia.com/	1970-01-20 02:07:31	Name: CMPRO Value: 172
.casalemedia.com/	1970-01-19 23:59:21	Name: CMST Value: YdbsKGHW7CgA
.casalemedia.com/	1970-01-20 08:43:31	Name: CMRUM3 Value: 6961d6ec282760ZjQxMzQ2NWE5MjU5OTZhMjEzMDc3MTc1M2EyYjgxMDY
.analytics.yahoo.com/	1970-01-20 08:44:57	Name: IDSYNC Value: 1770~22id
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UP2590618a-6ef3-11ec-b4eb-0e2a084b0ec7
.yahoo.com/	1970-01-19 23:59:21	Name: APIDTS Value: 1641475112

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
ajax.googleapis.com
cdn.syndication.twimg.com
connect.facebook.net
d.adroll.com
d1tdp7z6w94jbb.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
paylesstoconnect.ca
pbs.twimg.com
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
s.adroll.com
simage2.pubmatic.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
syndication.twitter.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.244.42.72
104.36.115.109
141.226.224.48
2001:4998:14:800::1000
23.52.162.21
2600:9000:21da:b600:d:9da0:f1c0:93a1
2600:9000:21da:e00:6:9280:1080:93a1
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:2800:220:1410:489:141e:20bb:12f6
2606:4700::6812:1734
2607:f8b0:4006:817::200a
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::2003
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::200e
2607:f8b0:4023:1404::9a
2620:1ec:bdf::35
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
3.213.3.60
35.71.139.29
52.21.125.8
52.45.33.138
64.202.112.31
69.173.151.100
015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746
02cc9497d27db5c3139b36fae70b70af832c252f16a3d53be2709625305448a2
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12c748318ff42d318458ecde073d66441c47dfa28d941be5f42694fc4e02a0ac
131670c344a1c5951ebc2d33a634177924e089fcb43272238df6292846c698aa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1cc3ebf9ef7f4d93ce0fccfd2c3506b1d6da8b49ffabdbd00275bff6dda92be8
1f6cca85a7d5cf70f70df47c969b034694dad354fdc03b93c01f5f42ef40b704
25194b73ec31c5fa1e315cd30fd7428f4075d725740663aea2e60d1de61288cb
26446f3e68def07be8b2635560a33f45bdd0c7c4f53b9809ef70126c735055ec
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
29770a880856498b98ba3e5645aa82cf7986268ccb172a48de4417bf3e2db339
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
2cecea24728484accfdeb4899b6feb3949c771dd4f3cd636931f5aa12c361024
343bf2a4793f32f4618d6d2faec8cf021b3329866328c90a8b95ff6aa39fe7ae
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3aaffecb7b1290375fca7efb9ad634afb4df44b708a1969049792cf4f4ce8951
3fea245db42f618cf7cbd0019afa9f96c347f9be405d923991e62642dda91eee
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
4632f2a6b880931a9a2468fe53828f3a5a4b0934d9f4f6f37d6831214469a07e
514e2a40ced8a53a13af1d97d1b50cadeb26363dbfb7af33b54e4cd798ae5049
54c579a1e0827e85ec530fda9c5873a28493f7389aadafdcd6682ffa391e3e0a
5774c7b88516fc571f8ff35d04a951c2a02c414d12d78ae82bd724b7d06e71da
5edc2eb553e38609310bfd08a62bf4ac4bd2852fbc0a6dff0d4d0a722807ecd8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d971119a046fb86eeec343e50c680c36a72eb2df85521c8f343dc9678924398
6fcedb9e973c1d3a06b531532596efb93fdcae291b24087dfd09cf24b4362fa3
768e3301c4acb945b0c1c7feb4182a33108c536583c4d52045fbfe7937c1e659
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7e99cae469202590f2a4c1afb6fb984d8a842cabebc849559c3659e1c93bd5f8
81e7171c721da5c468b1f9b9456dd9f14af4af8fed1df045c2e3b5f734ce800a
8438c211deeef4628b1ffb7f49058f9d57bac88cc51cf6e13d7f5146a0f3c2fc
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
8d10280e8071d96d42984b8a0fe9eb713babef562cfe8e31bc28fbf65c46e126
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
906d4eaab45c2ecfd1be2c35d388fa74b6b3e6aa2764cc2b53a51f9c3f9536d2
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
a8b20df7dac89c189a39ee10084516e09be14b086764aa134c13f7a5caf93db7
ac0b312f9cb9d890f38d50965cac80da09e0157a74877d144cf9db089963e1ea
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad68b1eebdd10516b4cd884ca26e3f2f6086efc2a025badffb5f08e7fb110807
afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2698da8df8781bf12a07d76bab5c6353fbb730a8138fcaa1371c4950ad7c461
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd389919aaec167ea0252ff7d312eee84e875a9a5a4b8128cb12baebe7f03c29
c3beba5f66989ebe7daefa591ab8fbef642317ab4886b6871c9f2bbaf1ff2c1e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c56b295da16cc41ea87c3b6dcc4d10db39f3a10133ef38b87d0ecc19fe1b8c84
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9da83aeed6057c85dec0ab37c7a3fc7bb816bf3ad1f314df3b8c9432cc62146
cbee9d5ebb822d1656cf7132f33861177deaff14543af3be0ebf0c697698d77a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
d142a29dfc233602672353f1bfaf7d8e72331ec6902d8dd12cb56e5eaf794fc2
d68d241183aaaa5d743463bd5af07f5cd459e8931cae4fa0189cbee8fdd5ad4a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e1e0d9f5a8eae5876f887452063cd14c91c5804c0b476b652e64b442e3d624
e9c53a0b361998d6a76af01b183fedcfaf27d51b21350be94540ad22db81f597
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1822ed57889bb9de2193a6dc187ef87eb5e3357c712e027b59acfe44c1dc5d2
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

paylesstoconnect.ca Open in urlscan Pro 2620:1ec:bdf::35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

89 %HTTPS

60 %IPv6

21 Domains

27 Subdomains

24 IPs

1 Countries

2547 kBTransfer

4590 kBSize

28 Cookies

3 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paylesstoconnect.ca Open in urlscan Pro
2620:1ec:bdf::35 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

89 %
HTTPS

60 %
IPv6

21
Domains

27
Subdomains

24
IPs

1
Countries

2547 kB
Transfer

4590 kB
Size

28
Cookies

81 HTTP transactions
0 data transactions