urlscan.io logo urlscan.io
SecurityTrails logo

sites.placetopay.ec Open in urlscan Pro
2606:4700:10::6814:2b07  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sites.placetopay.ec/
Effective URL: https://sites.placetopay.ec/
Submission: On February 27 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 41 HTTP transactions. The main IP is 2606:4700:10::6814:2b07, located in United States and belongs to CLOUDFLARENET, US. The main domain is sites.placetopay.ec.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 6th 2023. Valid for: a year.
This is the only time sites.placetopay.ec was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
6 151.101.130.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
41 8
1    2606:4700:10::ac43:228e (United States)

ASN13335 (CLOUDFLARENET, US)
sites.placetopay.ec
11    2606:4700:10::6814:2b07 (United States)

ASN13335 (CLOUDFLARENET, US)
sites.placetopay.ec
1    2607:f8b0:400d:c0f::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:10::6814:470d (United States)

ASN13335 (CLOUDFLARENET, US)
static.placetopay.com
6    2607:f8b0:400d:c09::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2607:f8b0:400d:c02::67 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.com
9    2607:f8b0:400d:c00::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
649 KB
12 placetopay.ec
sites.placetopay.ec
586 KB
6 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 358
11 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
75 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 231
523 B
1 placetopay.com
static.placetopay.com — Cisco Umbrella Rank: 535569
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
41 7
Domain Requested by
12 sites.placetopay.ec 1 redirects sites.placetopay.ec
9 www.gstatic.com www.google.com
www.gstatic.com
6 js-agent.newrelic.com sites.placetopay.ec
6 www.google.com sites.placetopay.ec
www.gstatic.com
www.google.com
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
1 bam.nr-data.net js-agent.newrelic.com
1 static.placetopay.com sites.placetopay.ec
1 fonts.googleapis.com sites.placetopay.ec
41 8

This site contains no links.

Subject Issuer Validity Valid
*.placetopay.ec
Sectigo RSA Organization Validation Secure Server CA		 2023-01-06 -
2024-01-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.placetopay.com
Sectigo RSA Organization Validation Secure Server CA		 2022-06-30 -
2023-07-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 3 frames:

Primary Page: https://sites.placetopay.ec/
Frame ID: 8F1C8AD331AC4ECB70F1CF8CE745FE8E
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN&co=aHR0cHM6Ly9zaXRlcy5wbGFjZXRvcGF5LmVjOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=dwsvt6elxkyu
Frame ID: 65F63551AE377FBC94B8EEDFACA27D72
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN
Frame ID: A424D34AA202B9961AADE5A119EB3B34
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PlacetoPay Microsites | Home

Page URL History Show full URLs

  1. http://sites.placetopay.ec/ HTTP 301
    https://sites.placetopay.ec/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

41
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

1326 kB
Transfer

6259 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sites.placetopay.ec/ HTTP 301
    https://sites.placetopay.ec/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sites.placetopay.ec/
Redirect Chain
  • http://sites.placetopay.ec/
  • https://sites.placetopay.ec/
49 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd6377ceaf724916ccf017d0fb7946693aafd70a176d47fed99eeabb90d73be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7a0155c49f82cac4-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 13:40:55 GMT
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
7a0155c40bc9a220-YYZ
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 27 Feb 2023 13:40:55 GMT
Expires
Mon, 27 Feb 2023 14:40:55 GMT
Location
https://sites.placetopay.ec/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
app.js
sites.placetopay.ec/assets/v2/js/ 		755 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sites.placetopay.ec/assets/v2/js/app.js?id=1e57d3a15581ea90380e792db80f3bc2
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5575334dcf12b39cc7b2e379c67071cf11df43877b8d4525ed7e7dec3192ee99
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 24 Feb 2023 04:07:15 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=773962
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a0155c608e8cac4-YYZ
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb45186df56434cecc5dfb1e5676b85b42742d42f4606a9ebc7cf5a5538b5962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 13:40:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 13:38:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 13:40:55 GMT
main.css
sites.placetopay.ec/assets/v2/css/ 		4 MB
337 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sites.placetopay.ec/assets/v2/css/main.css?id=7ef75ef5c2d3008d68356e7005248e36
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0074db7132aaf41507baf91a4c0ae27c3bd49d617bc9fa79d32678cc9fe639e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
last-modified
Fri, 24 Feb 2023 04:07:15 GMT
cf-bgj
minify
server
cloudflare
content-encoding
br
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
cf-ray
7a0155c608eacac4-YYZ
x-xss-protection
1; mode=block
lang.css
sites.placetopay.ec/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sites.placetopay.ec/css/lang.css?id=9b0b9be34239d1b36dfd54c45e59ba75
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd26e57a33ef2032555d388300f6f2ac660281c67530995d959f7d0933cc482
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 24 Feb 2023 04:07:15 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=8092
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=14400
cf-ray
7a0155c608ebcac4-YYZ
x-xss-protection
1; mode=block
placetopay-logo.svg
static.placetopay.com/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.placetopay.com/placetopay-logo.svg
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:470d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5cc9ec6372434888b00dcbf24737c30fb7c0fdb66808a1839f9e09b519793aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 23:43:03 GMT
server
cloudflare
age
3351
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*.placetopay.com
content-encoding
br
cache-control
max-age=16070400
cf-ray
7a0155c75daca22e-YYZ
x-xss-protection
1; mode=block
yYWRR0Ub96eJFJrmKdNYccAqBGSJ9fZg2yNRSDsp.svg
sites.placetopay.ec/storage/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sites.placetopay.ec/storage/images/yYWRR0Ub96eJFJrmKdNYccAqBGSJ9fZg2yNRSDsp.svg
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779d76c8bf7a344ed05c28f26d572937dc5a84f2aa242e7a19ce58ef236f8bd8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2020 18:58:02 GMT
server
cloudflare
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*.placetopay.ec
cache-control
max-age=14400
cf-ray
7a0155c78a4acac4-YYZ
x-xss-protection
1; mode=block
73192KewYWDZwJpr7GPItfXWM7dXTcftwjFzPpce.svg
sites.placetopay.ec/storage/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sites.placetopay.ec/storage/images/73192KewYWDZwJpr7GPItfXWM7dXTcftwjFzPpce.svg
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4676398b68d738b28b78a9a5060523cd3281c6614638d504b2f46172eed389d7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2020 18:58:08 GMT
server
cloudflare
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*.placetopay.ec
cache-control
max-age=14400
cf-ray
7a0155c7da89cac4-YYZ
x-xss-protection
1; mode=block
q9668Zj1d3lmFfClDCZtPhNY06v9e3MZMRqlHi11.svg
sites.placetopay.ec/storage/images/ 		2 KB
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sites.placetopay.ec/storage/images/q9668Zj1d3lmFfClDCZtPhNY06v9e3MZMRqlHi11.svg
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ac7a4776d1539aa0d37baaf6507f71c32768131061120f71e7473a9752192e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2020 18:58:17 GMT
server
cloudflare
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*.placetopay.ec
cache-control
max-age=14400
cf-ray
7a0155c7da8acac4-YYZ
x-xss-protection
1; mode=block
JFhDFqT0Bv8ONPASh384fchwlT6CUd7pmp9KvvAt.svg
sites.placetopay.ec/storage/images/ 		2 KB
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sites.placetopay.ec/storage/images/JFhDFqT0Bv8ONPASh384fchwlT6CUd7pmp9KvvAt.svg
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e471345f9e0fa2dcd997f223067e9eaece53626bd71eb1dc20b07b590406a3ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2020 18:58:24 GMT
server
cloudflare
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*.placetopay.ec
cache-control
max-age=14400
cf-ray
7a0155c7da8ccac4-YYZ
x-xss-protection
1; mode=block
N0h77UM9OiCUB97VPXEPU3uzOmF12GhuFUvI4fkZ.svg
sites.placetopay.ec/storage/images/ 		2 KB
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sites.placetopay.ec/storage/images/N0h77UM9OiCUB97VPXEPU3uzOmF12GhuFUvI4fkZ.svg
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc5a41987ef9e8b982479c6008becd70268bdbd4dd64e9aca497438550245e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2020 18:58:42 GMT
server
cloudflare
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*.placetopay.ec
cache-control
max-age=14400
cf-ray
7a0155c7da8fcac4-YYZ
x-xss-protection
1; mode=block
QTLIecdnDYb8COj3HbHatXkRg9dKOUxmYUbtTSz3.png
sites.placetopay.ec/storage/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sites.placetopay.ec/storage/images/QTLIecdnDYb8COj3HbHatXkRg9dKOUxmYUbtTSz3.png
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bcbe0e9e2a01d1db5fca57cab294dd8dad296863e00a4c68ead1d609463fe12
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2846
content-disposition
inline; filename="QTLIecdnDYb8COj3HbHatXkRg9dKOUxmYUbtTSz3.webp"
content-length
2390
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Sep 2018 18:31:40 GMT
server
cloudflare
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a0155c7da91cac4-YYZ
JfHwuSl1oO2QmAV4qkjqTyU5rJEQd5T6VXvPKvVO.svg
sites.placetopay.ec/storage/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sites.placetopay.ec/storage/images/JfHwuSl1oO2QmAV4qkjqTyU5rJEQd5T6VXvPKvVO.svg
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2b07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e145d8d15b3c3666619a1ebd1644e3649c41e59837c7c015b8ced23a6592c5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:55 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2020 18:59:05 GMT
server
cloudflare
content-encoding
br
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*.placetopay.ec
cache-control
max-age=14400
cf-ray
7a0155c7da94cac4-YYZ
x-xss-protection
1; mode=block
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sites.placetopay.ec
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 13:43:09 GMT
x-content-type-options
nosniff
age
604666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2024 13:43:09 GMT
api.js
www.google.com/recaptcha/ 		916 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/assets/v2/js/app.js?id=1e57d3a15581ea90380e792db80f3bc2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fb57afabd52cfef7585ce760b99d2135c09df915de1ff92ab338f00f41d32cdb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 13:40:56 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 		405 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit&hl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff4055198c989e026a212f803ab8f5f967e3319fb0d9b02b9ebba28e14537683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sites.placetopay.ec/
Origin
https://sites.placetopay.ec
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 20:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164689
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 20:07:33 GMT
anchor
www.google.com/recaptcha/api2/ Frame 65F6 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN&co=aHR0cHM6Ly9zaXRlcy5wbGFjZXRvcGF5LmVjOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=dwsvt6elxkyu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
be9f19aed00c216b28ae3a9697761cf365fc21b571b04418345d7a97f211804e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y1sN3K_mkS8IcyoSJ1peBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sites.placetopay.ec/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23269
content-security-policy
script-src 'report-sample' 'nonce-Y1sN3K_mkS8IcyoSJ1peBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 13:40:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 65F6 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN&co=aHR0cHM6Ly9zaXRlcy5wbGFjZXRvcGF5LmVjOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=dwsvt6elxkyu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 20:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 20:07:35 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 65F6 		405 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN&co=aHR0cHM6Ly9zaXRlcy5wbGFjZXRvcGF5LmVjOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=dwsvt6elxkyu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff4055198c989e026a212f803ab8f5f967e3319fb0d9b02b9ebba28e14537683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 20:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164689
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 20:07:33 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 65F6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 08:06:16 GMT
x-content-type-options
nosniff
age
452080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 01 Mar 2023 08:06:16 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 65F6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN&co=aHR0cHM6Ly9zaXRlcy5wbGFjZXRvcGF5LmVjOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=dwsvt6elxkyu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 18:07:49 GMT
x-content-type-options
nosniff
age
502387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Feb 2024 18:07:49 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 65F6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN&co=aHR0cHM6Ly9zaXRlcy5wbGFjZXRvcGF5LmVjOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=dwsvt6elxkyu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:38:59 GMT
x-content-type-options
nosniff
age
21717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Feb 2024 07:38:59 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 65F6 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN&co=aHR0cHM6Ly9zaXRlcy5wbGFjZXRvcGF5LmVjOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=dwsvt6elxkyu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
edb7ecd7755bc304a204b72db82b353af086fc225ccea888003346f082e9cb85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN&co=aHR0cHM6Ly9zaXRlcy5wbGFjZXRvcGF5LmVjOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=dwsvt6elxkyu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 13:40:56 GMT
async-api.6bb277af-1225.min.js
js-agent.newrelic.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
ccu4IA9M.iSFjMQAJQZ9WRC6vNK74xfk
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Feb 2023 13:40:56 GMT
x-amz-request-id
H1NJ9VB8EY3PTGMW
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1094
x-amz-id-2
Iz6MlHyTEJaKQC8eYTuYUoyKAO6rEZHQa7DpkqLGSMl3x45yGff7ijhcne4gXRonY53Dcy1JMj8=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677505257.742335,VS0,VE0
etag
"dd573d973dfb2a2559befdfb616d511d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6402
lazy-loader.48127245-1225.min.js
js-agent.newrelic.com/ 		2 KB
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.48127245-1225.min.js
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
x72sIi24uKUpr9UhD5QY7PCKtNgMfeY4
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Feb 2023 13:40:56 GMT
x-amz-request-id
Y4K5HGP30MBPE91Q
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
520
x-amz-id-2
dIYDGmEvgFx05edPNHExR7BogTfJ37JGDFmni/SWblpl3nJzuI4z3wkCcZ7mimwHSug7PWn0fNI=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677505257.742504,VS0,VE0
etag
"a3759bbbd15fffd73531bda1e8166ae7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5043
bframe
www.google.com/recaptcha/api2/ Frame A424 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7d6ceef5692f68f4654835e36952ea0af545c7e1e0ad176f4490df85a9dc9907
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--O3B_aVJbQwW1EOjWNEw0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sites.placetopay.ec/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1119
content-security-policy
script-src 'report-sample' 'nonce--O3B_aVJbQwW1EOjWNEw0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 13:40:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
118.d37755e4-1225.min.js
js-agent.newrelic.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/118.d37755e4-1225.min.js
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
8iuwUwYODDWrlAN7lGJW4CKaVaPtd.FC
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Feb 2023 13:40:56 GMT
x-amz-request-id
BCZTS6YS2GCGFKGX
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3412
x-amz-id-2
PmEwHoA9GlyukerPDhj6u8/WfbkJmAV3ORxQ31r5rW6FzuCQKh/G2gthW5Idi4B4SOLYF9DjBZM=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677505257.844066,VS0,VE0
etag
"9c8a05b5703a1c30e0418f9ba42337df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6364
page_view_event-aggregate.29613e65-1225.min.js
js-agent.newrelic.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1225.min.js
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
Q2wYJMaFVSMNo7QiSpnsS727o5X3kt_1
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Feb 2023 13:40:56 GMT
x-amz-request-id
7C73CG4ZQQ6M7083
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1682
x-amz-id-2
4+uavw9wzTtO43WHAiBy7lrA53b5E+nK7BW6uVc4HdUfdNc9hVm03IB84bsrMFjIAKNfUc98CWg=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677505257.844737,VS0,VE0
etag
"0743ee0ec30428f3654ee07d779efb64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
29359
page_view_timing-aggregate.e791ce32-1225.min.js
js-agent.newrelic.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.e791ce32-1225.min.js
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
5Hc0bLUe_lA8zF4035AV9Xl5FkevBdYq
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Feb 2023 13:40:56 GMT
x-amz-request-id
H1NYMEJN4D7D2PWG
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2248
x-amz-id-2
fA0zbF/RTkXcouOU1YRg7lBwulBrPjAMXHhHNCZ2m1xhx1JGoRGtqUmoFGZVCQyn645xdyhTnBQ=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677505257.844724,VS0,VE0
etag
"84ba19034cf0206a49ecf68893086bdd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6365
metrics-aggregate.b4a54ed9-1225.min.js
js-agent.newrelic.com/ 		1 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.b4a54ed9-1225.min.js
Requested by
Host: sites.placetopay.ec
URL: https://sites.placetopay.ec/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
0sI71h2BU2Q4FabSOYi.9wzegJNG1fuh
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Feb 2023 13:40:56 GMT
x-amz-request-id
H1NPSPEMX5MRQXZT
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
730
x-amz-id-2
qt8vPmJpeW8JwAEIr8+31toa2alk2eY2QjPgAm0ZUWvUebQrVA0bW7w1F18h2FvsIHUexHlkVxk=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 10 Feb 2023 20:23:02 GMT
server
AmazonS3
x-timer
S1677505257.844716,VS0,VE0
etag
"395608505dac1e4fbe08bd146e09f5c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6345
1c6c9eb3c6
bam.nr-data.net/1/ 		49 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/1c6c9eb3c6?a=229149648&v=1225.PROD&to=Z1xRbUJSWxFTUhFZXl4WclpEWloMHVwMU0NfSlpNVUAbEVdQF1NZ&rst=1873&ck=0&s=e29c746d20d4e892&ref=https://sites.placetopay.ec/&ap=99&be=366&fe=1357&dc=533&perf=%7B%22timing%22:%7B%22of%22:1677505254984,%22n%22:0,%22f%22:93,%22dn%22:93,%22dne%22:94,%22c%22:94,%22s%22:111,%22ce%22:140,%22rq%22:140,%22rp%22:335,%22rpe%22:346,%22dl%22:340,%22di%22:783,%22ds%22:899,%22de%22:899,%22dc%22:1722,%22l%22:1722,%22le%22:1724%7D,%22navigation%22:%7B%7D%7D&fp=748&fcp=748&at=SxtSGwpISB8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sites.placetopay.ec/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 13:40:57 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7a0155d02db5a1ff-YYZ
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame A424 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 20:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 20:07:35 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame A424 		405 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff4055198c989e026a212f803ab8f5f967e3319fb0d9b02b9ebba28e14537683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 20:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
495203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164689
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 20:07:33 GMT
reload
www.google.com/recaptcha/api2/ Frame A424 		38 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
587c770526828593a29ab0420ad15b6d4af199c7523fee811846bf11158b43da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 27 Feb 2023 13:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23506
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 13:40:57 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame A424 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 09:26:00 GMT
x-content-type-options
nosniff
age
15297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 06 Mar 2023 09:26:00 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame A424 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 12:45:35 GMT
x-content-type-options
nosniff
age
435322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 01 Mar 2023 12:45:35 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame A424 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 13:23:44 GMT
x-content-type-options
nosniff
age
433033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 01 Mar 2023 13:23:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A424 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 18:07:49 GMT
x-content-type-options
nosniff
age
502388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Feb 2024 18:07:49 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A424 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 14:30:28 GMT
x-content-type-options
nosniff
age
601829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2024 14:30:28 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A424 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:38:59 GMT
x-content-type-options
nosniff
age
21718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Feb 2024 07:38:59 GMT
payload
www.google.com/recaptcha/api2/ Frame A424 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AFY_a8UiJZyRxyIj2ccrjoVs7i7yNaM4OaugkJKSUAOsa80XfDH96geYyuZ0wPJUC3WpDNvW_q-cfejeDyYQVPGlz0Sec8xc7oJESIgj65zzjmuxOYeGOrOqbKv4ZQff_qnw3zJp0jnFXsNWr5sPyo8HAM8tvSOiOjf4B06IfcFL0tyglP-MPEJI8xIpo5WmtcBzyhKoRcLvLpEDEvx72ZIlcCFZd4iVQA&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c02::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
10d1baed5b56e94cc3076f7967a5fcc917e3913ac6e41db2a32c8a88720f19b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6Lc1WxkUAAAAAANhMFQXXYWC6Bb7HrqGUehlCtAN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:40:57 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26881
x-xss-protection
1; mode=block
expires
Mon, 27 Feb 2023 13:40:57 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA object| App function| display function| closeAlert object| element object| webpackChunk object| __core-js_shared__ object| core boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ function| flatpickr function| vueRecaptchaApiLoaded function| axios function| _ function| swal function| localizeValidator boolean| __VUE__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_121839

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJBLKW2juIN8NPFcS0w1gV3tGoD6uYcypXbyWwSR7pUQ1RTDPhFi3w4AUeNww6C313SLsXpJCp21X2lFUOij9f4
sites.placetopay.ec/ Name: XSRF-TOKEN
Value: eyJpdiI6IkMxd1hGY0VRazgvVUJqTXl1S01zUWc9PSIsInZhbHVlIjoiYXA3UlBUemgvOWVJWTY2cjE1NEloSFZFYXF4akM4dEZvTmZ0RlM4L2prQk9zQm83R1d5T1lHenJVNm5YaFF5SGh1VkpCZzlBVVlTNXBER3JmSFVmcEFXWFJFK1pkN3RNNysyZFo0ZEQ2Zzk3YXpCQWtTMHBDbXpxaUdUQTJ2NjAiLCJtYWMiOiI1YjQxNjExMGRhYjdmODgyYzBlODI1YTFmYzk4OGU4NTAxNDZlZTQxNzEzNzljOTNkZTI0OThiNTk3ZWU5YTMyIiwidGFnIjoiIn0%3D
sites.placetopay.ec/ Name: placetopay_microsites_session
Value: eyJpdiI6InJQbmpDTGxYaHhHWm0rWDhWZkdsVlE9PSIsInZhbHVlIjoiSTRBTEViNkIzOW1hbXdGMk9PS002WHhwaUZuVGU1RHh3M2lmdExucmZvR3hkSERXcFlZTXNnMncyL2ZJOG9XdkdHV1BPcFNDYnNoSjgzTllCRm55ZE0zNGg3THRvekNKaDQ1R28wMnlaWUpNd0JvNGlqQ0xPcVBQK0gxSnZmMmQiLCJtYWMiOiIxYzhkZDBmZDNkZTI4NDZjZjdiN2Q0NDM5MTVlZGJhZTQ4ZmY4MWJhYjZkZmIxYjZlOGVhZjBmYWEyNjA0ZjY5IiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
sites.placetopay.ec
static.placetopay.com
www.google.com
www.gstatic.com
151.101.130.137
162.247.241.14
2606:4700:10::6814:2b07
2606:4700:10::6814:470d
2606:4700:10::ac43:228e
2607:f8b0:400d:c00::5e
2607:f8b0:400d:c02::67
2607:f8b0:400d:c09::5e
2607:f8b0:400d:c0f::5f
0074db7132aaf41507baf91a4c0ae27c3bd49d617bc9fa79d32678cc9fe639e6
0dd26e57a33ef2032555d388300f6f2ac660281c67530995d959f7d0933cc482
10d1baed5b56e94cc3076f7967a5fcc917e3913ac6e41db2a32c8a88720f19b2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2bd6377ceaf724916ccf017d0fb7946693aafd70a176d47fed99eeabb90d73be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4676398b68d738b28b78a9a5060523cd3281c6614638d504b2f46172eed389d7
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa
5575334dcf12b39cc7b2e379c67071cf11df43877b8d4525ed7e7dec3192ee99
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
587c770526828593a29ab0420ad15b6d4af199c7523fee811846bf11158b43da
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
779d76c8bf7a344ed05c28f26d572937dc5a84f2aa242e7a19ce58ef236f8bd8
7d6ceef5692f68f4654835e36952ea0af545c7e1e0ad176f4490df85a9dc9907
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9bcbe0e9e2a01d1db5fca57cab294dd8dad296863e00a4c68ead1d609463fe12
a5cc9ec6372434888b00dcbf24737c30fb7c0fdb66808a1839f9e09b519793aa
a6ac7a4776d1539aa0d37baaf6507f71c32768131061120f71e7473a9752192e
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
bb45186df56434cecc5dfb1e5676b85b42742d42f4606a9ebc7cf5a5538b5962
be9f19aed00c216b28ae3a9697761cf365fc21b571b04418345d7a97f211804e
c6e145d8d15b3c3666619a1ebd1644e3649c41e59837c7c015b8ced23a6592c5
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
d7fc5a41987ef9e8b982479c6008becd70268bdbd4dd64e9aca497438550245e
e471345f9e0fa2dcd997f223067e9eaece53626bd71eb1dc20b07b590406a3ef
edb7ecd7755bc304a204b72db82b353af086fc225ccea888003346f082e9cb85
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321
fb57afabd52cfef7585ce760b99d2135c09df915de1ff92ab338f00f41d32cdb
ff4055198c989e026a212f803ab8f5f967e3319fb0d9b02b9ebba28e14537683