www.payfirma.com Open in urlscan Pro
2606:4700:10::6814:73d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.payfirma.com/
Submission: On December 11 via automatic, source certstream-suspicious (December 11th 2020, 6:36:11 pm UTC)

Summary HTTP 91 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 27 domains to perform 91 HTTP transactions. The main IP is 2606:4700:10::6814:73d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.payfirma.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 9th 2019. Valid for: 2 years.

This is the only time www.payfirma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2606:4700:10:... 2606:4700:10::6814:73d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.73.9 65.9.73.9	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.73.19 65.9.73.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.9.73.36 65.9.73.36	16509 (AMAZON-02) (AMAZON-02)
1	52.208.57.208 52.208.57.208	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.59 13.226.155.59	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1 5	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
14 18	54.77.74.200 54.77.74.200	16509 (AMAZON-02) (AMAZON-02)
1	3.124.119.192 3.124.119.192	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	52.29.22.19 52.29.22.19	16509 (AMAZON-02) (AMAZON-02)
1 2	52.57.47.211 52.57.47.211	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
91	34

33 2606:4700:10::6814:73d (United States)

ASN13335 (CLOUDFLARENET, US)

www.payfirma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.57.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-57-208.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-59.dus51.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.77.74.200 (Dublin, Ireland) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-74-200.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.119.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-192.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.22.19 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-22-19.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.47.211 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	payfirma.com www.payfirma.com	981 KB
22	adroll.com 14 redirects s.adroll.com d.adroll.com	26 KB
8	googleapis.com fonts.googleapis.com	6 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	5 KB
5	gstatic.com fonts.gstatic.com	46 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	63 KB
3	google.de www.google.de	704 B
3	google.com www.google.com	704 B
3	facebook.net connect.facebook.net	99 KB
2	openx.net 1 redirects us-u.openx.net	480 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	1005 B
2	3lift.com 1 redirects eb2.3lift.com	738 B
2	outbrain.com 1 redirects sync.outbrain.com	832 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	facebook.com www.facebook.com	405 B
2	bing.com bat.bing.com	9 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleadservices.com www.googleadservices.com	24 KB
1	taboola.com sync.taboola.com	217 B
1	yahoo.com 1 redirects ads.yahoo.com	733 B
1	pubmatic.com simage2.pubmatic.com	1010 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	advertising.com pixel.advertising.com	125 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	138 B
1	hotjar.io vc.hotjar.io	258 B
1	googletagmanager.com www.googletagmanager.com	40 KB
91	27

	Domain	Requested by
33	www.payfirma.com	www.payfirma.com
17	d.adroll.com	13 redirects
8	fonts.googleapis.com	www.payfirma.com
5	s.adroll.com	1 redirects www.payfirma.com s.adroll.com
5	fonts.gstatic.com	fonts.googleapis.com
3	www.google.de	www.payfirma.com
3	www.google.com	www.payfirma.com
3	connect.facebook.net	www.payfirma.com connect.facebook.net
3	googleads.g.doubleclick.net	www.googleadservices.com
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	www.facebook.com	www.payfirma.com
2	bat.bing.com	www.payfirma.com
2	www.google-analytics.com	www.googletagmanager.com www.payfirma.com
2	www.googleadservices.com	www.payfirma.com www.googletagmanager.com
1	cm.g.doubleclick.net	1 redirects
1	sync.taboola.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	pixel.advertising.com
1	d.adroll.mgr.consensu.org	1 redirects
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.payfirma.com
1	www.googletagmanager.com	www.payfirma.com
91	33

This site contains links to these domains. Also see Links.

Domain
merrco.ca
support.payfirma.com
hq.payfirma.com
developers.payfirma.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.payfirma.com DigiCert SHA2 Secure Server CA	`2019-09-09` - `2021-12-10`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.hotjar.io Amazon	`2020-09-15` - `2021-10-15`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-10-04` - `2021-03-31`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.payfirma.com/
Frame ID: 13604EFBEF1CA2C68DF9F7457BA5C385
Requests: 90 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: C63156B2BE46A7E635B10E28844A7C94
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

91
Requests

100 %
HTTPS

49 %
IPv6

27
Domains

33
Subdomains

34
IPs

7
Countries

1317 kB
Transfer

2639 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://merrco.ca/

Search URL Search Domain Scan URL

URL: https://support.payfirma.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://hq.payfirma.com/
Title: Log in >

Search URL Search Domain Scan URL

URL: https://developers.payfirma.com/
Title:

Search URL Search Domain Scan URL

URL: http://developers.payfirma.com/
Title: Developer Center

Search URL Search Domain Scan URL

URL: https://www.facebook.com/payfirma

Search URL Search Domain Scan URL

URL: https://twitter.com/Payfirma

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/payfirma-corporation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://s.adroll.com/j/exp/LFZ52RPCCRF3NFITZH366O/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 73

https://d.adroll.mgr.consensu.org/consent/iabcheck/LFZ52RPCCRF3NFITZH366O?_s=9696738bce5d235fce368e4eb83f9b1f&_b=2 HTTP 302
https://d.adroll.com/consent/check/LFZ52RPCCRF3NFITZH366O/?_s=9696738bce5d235fce368e4eb83f9b1f&_b=2

Request Chain 74

https://d.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&pv=78267047993.1054&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/7DMKJ5AWLRH7JBJAJZVIIP.js

Request Chain 76

https://d.adroll.com/cm/aol/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 77

https://d.adroll.com/cm/index/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expiration=1639247755 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expiration=1639247755&C=1

Request Chain 78

https://d.adroll.com/cm/n/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expires=365

Request Chain 79

https://d.adroll.com/cm/outbrain/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&rdrctExp=true

Request Chain 80

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 81

https://d.adroll.com/cm/r/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 82

https://d.adroll.com/cm/taboola/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg

Request Chain 83

https://d.adroll.com/cm/triplelift/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

Request Chain 84

https://d.adroll.com/cm/b/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg

Request Chain 85

https://d.adroll.com/cm/x/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg

Request Chain 87

https://d.adroll.com/cm/o/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=4c5fc8cf4f0d99274b86601e58122268 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=4c5fc8cf4f0d99274b86601e58122268

Request Chain 88

https://d.adroll.com/cm/g/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O&google_nid=adroll4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=TF_Iz08NmSdLhmAeWBIiaA HTTP 302
https://d.adroll.com/cm/g/in

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.payfirma.com/ 40 KB
11 KB 764ms
734ms Document
text/html 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

157b1ba72ca11963783c44b2418e72be96e30cad00ad562a6bd9e23d1e53756e

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

:method: GET
:authority: www.payfirma.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d1dd04dc883c97d87565d8345579ffcfb1607711752; expires=Sun, 10-Jan-21 18:35:52 GMT; path=/; domain=.payfirma.com; HttpOnly; SameSite=Lax
cf-ray: 60014ed7a9739772-FRA
cache-control: max-age=2592000, must-revalidate
expires: Wed, 30 Dec 2020 22:11:09 GMT
link: <https://www.payfirma.com/wp-json/>; rel="https://api.w.org/", <https://www.payfirma.com/wp-json/wp/v2/pages/5156>; rel="alternate"; type="application/json", <https://www.payfirma.com/>; rel=shortlink
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
cf-cache-status: DYNAMIC
cf-request-id: 06f4af9acd00009772e78ab000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
x-cache: HIT: 8596
x-cache-group: normal
x-cacheable: YES:2592000.000
x-pingback
x-powered-by: WP Engine
server: cloudflare
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 8 KB
876 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d37b252a43bb8921694deaa7427fffe15965fa3e6c0805e39ae7dec67d68526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:35:53 GMT
server: ESF
date: Fri, 11 Dec 2020 18:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 18:35:53 GMT

GET
H2 200 style.min.css
www.payfirma.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 35ms
33ms Stylesheet
text/css 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:53 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 22700
cf-request-id: 06f4af9daf00009772e78e3000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
server: cloudflare
etag: W/"5f47f4c6-d293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014edc4cb09772-FRA

GET
H2 200 ctt-module-design.css
www.payfirma.com/wp-content/plugins/click-to-tweet/css/ 38 KB
6 KB 48ms
46ms Stylesheet
text/css 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63796d683841c242bdd76d2c118f3b1a78516d5e2c4f94ce47c41141d7c89286

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:53 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 345628
cf-polished: origSize=44720
cf-request-id: 06f4af9daf000097723b19b000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Nov 2017 07:58:09 GMT
server: cloudflare
etag: W/"5a0bf391-aeb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014edc4cb19772-FRA
cf-bgj: minify

GET
H2 200 main.css
www.payfirma.com/wp-content/themes/payfirma/dist/styles/ 331 KB
43 KB 78ms
76ms Stylesheet
text/css 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-content/themes/payfirma/dist/styles/main.css?ver=20170425

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fb2f5f47284fb9f0acd6ad0ccf68d6872aeb0888e51df065ffc70accebd35d

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:53 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 345628
cf-polished: origSize=339088
cf-request-id: 06f4af9db30000977245981000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Thu, 24 Sep 2020 21:00:27 GMT
server: cloudflare
etag: W/"5f6d08eb-52c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014edc4cb39772-FRA
cf-bgj: minify

GET
H2 200 custom.css
www.payfirma.com/wp-content/themes/payfirma/dist/styles/ 2 KB
823 B 685ms
684ms Stylesheet
text/css 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-content/themes/payfirma/dist/styles/custom.css?ver=20200925

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d17268aba1b35169f50de00887134b1e3cfeb43b1a7f64a0f064aeb7132792b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 30 Nov 2020 22:10:36 GMT
server: cloudflare
etag: W/"5fc56ddc-771"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 60014edc4cb49772-FRA
cf-request-id: 06f4af9db600009772330d7000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"

GET
H2 200 jquery.js Show response
www.payfirma.com/wp-includes/js/jquery/ 95 KB
33 KB 580ms
579ms Script
application/javascript 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: cloudflare
etag: W/"5cde37d2-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 60014edc4cb89772-FRA
cf-request-id: 06f4af9db700009772a3273000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"

GET
H2 200 main.js Show response
www.payfirma.com/wp-content/themes/payfirma/dist/scripts/ 261 KB
78 KB 55ms
54ms Script
application/javascript 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-content/themes/payfirma/dist/scripts/main.js

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952601684d33c423bf905a8382dcf436a1de66e118d6f51e21a6e4c0851d9826

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:53 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 480043
cf-request-id: 06f4af9db700009772fb8ee000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Thu, 24 Sep 2020 21:00:27 GMT
server: cloudflare
etag: W/"5f6d08eb-412d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014edc4cb99772-FRA

GET
H2 200 temporary-new.css
www.payfirma.com/wp-content/themes/payfirma/dist/styles/ 1 KB
563 B 50ms
49ms Stylesheet
text/css 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-content/themes/payfirma/dist/styles/temporary-new.css

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2393f93c7fb70f340d981366adccee7b61da91c3fbce463f128b31b94659657c

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:53 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 480044
cf-polished: origSize=1512
cf-request-id: 06f4af9db600009772d9b24000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Thu, 24 Sep 2020 21:00:29 GMT
server: cloudflare
etag: W/"5f6d08ed-5e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014edc4cb79772-FRA
cf-bgj: minify

GET
H2 200 payfirma-logo.svg
www.payfirma.com/wp-content/themes/payfirma/dist/images/ 2 KB
1 KB 31ms
26ms Image
image/svg+xml 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/themes/payfirma/dist/images/payfirma-logo.svg

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a228975fd9db8c8d80d94fc77eadf7d6543e86972d41b2f5b6470179391f055c

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 66602
cf-request-id: 06f4afa0d800009772fb238000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Thu, 24 Sep 2020 21:00:25 GMT
server: cloudflare
etag: W/"5f6d08e9-7d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014ee15fab9772-FRA

GET
H2 200 merrco-logo.svg
www.payfirma.com/wp-content/themes/payfirma/dist/images/ 1 KB
775 B 31ms
27ms Image
image/svg+xml 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/themes/payfirma/dist/images/merrco-logo.svg

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6a3e4f403d70d912e781a3b5657641678e78efde23ee003fd45cd0ec6c43ac

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 66602
cf-request-id: 06f4afa0d9000097721f3f6000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Thu, 24 Sep 2020 21:00:25 GMT
server: cloudflare
etag: W/"5f6d08e9-517"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014ee15fad9772-FRA

GET
H2 200 easiest-way-to-accept-payments.png
www.payfirma.com/wp-content/uploads/2016/05/ 196 KB
197 KB 39ms
34ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2016/05/easiest-way-to-accept-payments.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

571f1cbf8db88389c02af4e4d76cd0f9ce6f1beda69f1f7218bd423125a935bd

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=201790
content-length: 200933
cf-request-id: 06f4afa0d90000977240a88000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:20 GMT
server: cloudflare
etag: "58c8d4b4-3143e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fae9772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 visa-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ 2 KB
2 KB 48ms
44ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2014/11/visa-icon-1.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

894c56361b7b1b5ccca175b91a0e8da14a579c283991ce2a56258e4900a27e32

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=15741
content-length: 1750
cf-request-id: 06f4afa0da000097723837e000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:22 GMT
server: cloudflare
etag: "58c8d4b6-3d7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15faf9772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 mastercard-icon-1.png
www.payfirma.com/wp-content/uploads/2017/01/ 3 KB
3 KB 35ms
31ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2017/01/mastercard-icon-1.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aff1a1de5eb5733c6230394354493e75039656f7c9d14028ca249b501faea57b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=17252
content-length: 2891
cf-request-id: 06f4afa0da00009772a02f7000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:18 GMT
server: cloudflare
etag: "58c8d4b2-4364"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fb09772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 american-express-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ 2 KB
2 KB 34ms
31ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2014/11/american-express-icon-1.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfa7313ee8ae084b765423383e4de6f05127357aaa559b4fc89f94a7a5d48b02

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 66601
cf-polished: origSize=16076
content-length: 2091
cf-request-id: 06f4afa0db00009772d49c7000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:22 GMT
server: cloudflare
etag: "58c8d4b6-3ecc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fb29772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 discover-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ 2 KB
2 KB 100ms
96ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2014/11/discover-icon-1.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd0bbc81a9ca75885b98cca2384cb6fbd3a39156b7fe16a1dc2c884e0badb70

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=15763
content-length: 1797
cf-request-id: 06f4afa0dc0000977233108000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:22 GMT
server: cloudflare
etag: "58c8d4b6-3d93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fb39772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 interac-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ 2 KB
2 KB 46ms
42ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2014/11/interac-icon-1.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3288fa0a59cd2b0516e638806773f2eb2ff36be2cdbdd4a7425fb855aec5bad4

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 66601
cf-polished: origSize=16069
content-length: 2049
cf-request-id: 06f4afa0dc0000977279b03000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:22 GMT
server: cloudflare
etag: "58c8d4b6-3ec5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fb49772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 apple-pay-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ 2 KB
2 KB 99ms
95ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2014/11/apple-pay-icon-1.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6e6bdce3879a5f1b62406f2b16404a9edeabfb685d601dce678eb2ff29a1b1

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=15780
content-length: 1787
cf-request-id: 06f4afa0dc00009772dd053000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:22 GMT
server: cloudflare
etag: "58c8d4b6-3da4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fb59772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 payfirma_fti_ecommerce.png
www.payfirma.com/wp-content/uploads/2016/05/ 89 KB
90 KB 39ms
36ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2016/05/payfirma_fti_ecommerce.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c07d84961c4264d6006f8fe77f11f1821b57d7f57ecaae6101c36e8ee230d997

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 480039
cf-polished: origSize=117311
content-length: 91603
cf-request-id: 06f4afa0dd000097727d2cc000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:20 GMT
server: cloudflare
etag: "58c8d4b4-1ca3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fb69772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 payfirma_fti_invoice.png
www.payfirma.com/wp-content/uploads/2016/05/ 32 KB
32 KB 49ms
45ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2016/05/payfirma_fti_invoice.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0dcf7a02a336ebbfdbfa1f09be1804951abe6368e9d6443201628574a111f7

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 480038
cf-polished: origSize=59583
content-length: 32471
cf-request-id: 06f4afa0dd00009772e7914000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:20 GMT
server: cloudflare
etag: "58c8d4b4-e8bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fb89772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 payfirma-fti-mobile-payments.png
www.payfirma.com/wp-content/uploads/2016/05/ 85 KB
85 KB 44ms
41ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2016/05/payfirma-fti-mobile-payments.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e010909741f1b40febcabbf48ec75aabbf4f6abad47e64afe30e9fa55e6ef105

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 480039
cf-polished: origSize=115731
content-length: 86534
cf-request-id: 06f4afa0dd00009772459aa000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:20 GMT
server: cloudflare
etag: "58c8d4b4-1c413"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fb99772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 payfirma_fti_recurring.png
www.payfirma.com/wp-content/uploads/2016/05/ 39 KB
39 KB 72ms
69ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2016/05/payfirma_fti_recurring.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af5fd77da418c35a835bc78af12efb4a6b6b967550c1fd51461d0eceab9483d0

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 66601
cf-polished: origSize=66416
content-length: 39709
cf-request-id: 06f4afa0de00009772f497b000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:20 GMT
server: cloudflare
etag: "58c8d4b4-10370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fba9772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 AP20-Face-Payfirma-Branding.png
www.payfirma.com/wp-content/uploads/2020/03/ 57 KB
57 KB 44ms
41ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2020/03/AP20-Face-Payfirma-Branding.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b84f7f28c3ba7b7322a0e2d7635cc5fc34530d603495f7ed32a0a58fbfa85b7

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=64161
content-length: 58435
cf-request-id: 06f4afa0df00009772a329c000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 25 Mar 2020 19:56:45 GMT
server: cloudflare
etag: "5e7bb77d-faa1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fbc9772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 payfirma_fti_web.png
www.payfirma.com/wp-content/uploads/2016/05/ 38 KB
39 KB 42ms
39ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2016/05/payfirma_fti_web.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c032738c0bb57f74ab3b01bd79843b07f3d18da5cd8aad800ed00e458e23f62

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 66601
cf-polished: origSize=65232
content-length: 39262
cf-request-id: 06f4afa0df0000977208089000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:20 GMT
server: cloudflare
etag: "58c8d4b4-fed0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fbd9772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 payfirma_fti_integrations.png
www.payfirma.com/wp-content/uploads/2016/08/ 3 KB
3 KB 44ms
41ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2016/08/payfirma_fti_integrations.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3901fb12d29c314def656cf1f779ac52b3d21f1179d454130f087450b9ec9df0

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=5090
content-length: 3008
cf-request-id: 06f4afa0e6000097720808a000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:19 GMT
server: cloudflare
etag: "58c8d4b3-13e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fbe9772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 payfirma-integrations-hero.png
www.payfirma.com/wp-content/uploads/2016/08/ 169 KB
169 KB 42ms
40ms Image
image/png 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2016/08/payfirma-integrations-hero.png

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

266f8de801a2ffb6891598841c0a110e8e72f7573d9f7e52aaca93894ddc82c4

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=180430
content-length: 173163
cf-request-id: 06f4afa0e000009772fb239000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:19 GMT
server: cloudflare
etag: "58c8d4b3-2c0ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee15fc09772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 email-decode.min.js Show response
www.payfirma.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
869 B 11ms
11ms Script
application/javascript 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Dec 2020 17:14:28 GMT
server: cloudflare
etag: W/"5fd25774-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 60014ee09f589772-FRA
vary: Accept-Encoding
cf-request-id: 06f4afa05e00009772fb233000000001
expires: Sun, 13 Dec 2020 18:35:54 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 44ms
43ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11865
x-xss-protection: 0
server: cafe
etag: 18432201170715473949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Dec 2020 18:35:54 GMT

GET
H2 200 ctt-script.js Show response
www.payfirma.com/wp-content/plugins/click-to-tweet/js/ 14 KB
3 KB 40ms
40ms Script
application/javascript 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-content/plugins/click-to-tweet/js/ctt-script.js?ver=1.0.0

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b557684df0ea0c6d9cefce5735d183a031ba4644e61be1951dc3d329506f9637

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 345629
cf-request-id: 06f4afa09b0000977233105000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Nov 2017 07:58:09 GMT
server: cloudflare
etag: W/"5a0bf391-3636"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014ee0ff839772-FRA

GET
H2 200 wp-embed.min.js Show response
www.payfirma.com/wp-includes/js/ 1 KB
899 B 35ms
35ms Script
application/javascript 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-includes/js/wp-embed.min.js?ver=5.5.3

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 345629
cf-request-id: 06f4afa0a900009772a02f5000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: cloudflare
etag: W/"5db39083-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014ee10f929772-FRA

GET
H2 200 wp-emoji-release.min.js Show response
www.payfirma.com/wp-includes/js/ 14 KB
5 KB 44ms
41ms Script
application/javascript 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 305610
cf-request-id: 06f4afa0e10000977245097000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Mon, 15 Jun 2020 18:04:26 GMT
server: cloudflare
etag: W/"5ee7b82a-37a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 60014ee16fc29772-FRA

GET
H3-Q050 200 css
fonts.googleapis.com/ 21 KB
1 KB 45ms
30ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:19:27 GMT
server: ESF
date: Fri, 11 Dec 2020 18:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 18:35:53 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 8 KB
663 B 45ms
31ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1678dbfa1acaf623177ec3565f29bab94c07019f1843af1322e3f457ec39fc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:30:44 GMT
server: ESF
date: Fri, 11 Dec 2020 18:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 18:35:53 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 7 KB
620 B 44ms
30ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 16:43:36 GMT
server: ESF
date: Fri, 11 Dec 2020 18:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 18:35:53 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
609 B 43ms
30ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:20:24 GMT
server: ESF
date: Fri, 11 Dec 2020 18:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 18:35:53 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
624 B 45ms
32ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,400italic,700italic,700

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

951a46f57bbcd40e1af08b7f7a6d4099abfc7e2934be2393540543a5f8a316c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:35:53 GMT
server: ESF
date: Fri, 11 Dec 2020 18:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 18:35:53 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 723 B
764 B 42ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mate:400,400italic

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb279fda0876f502b617739afc25d8e257be2ebadbf050f82df86a467a06bdc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:35:53 GMT
server: ESF
date: Fri, 11 Dec 2020 18:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 18:35:53 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 20 KB
1 KB 46ms
32ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,400italic,300italic,700,500italic,500,700italic

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cb8a74b801a51ff3583a349e61640557f5922929c12c2d75c71a28cc4a5b360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:35:53 GMT
server: ESF
date: Fri, 11 Dec 2020 18:35:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 18:35:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
40 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8ZXX5

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0f0ff2f41e2d87b5540e914edad01fe6c5a67d0cca530ac3462f7c281ab0636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41087
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Dec 2020 18:35:54 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payfirma.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 19:41:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 168857
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 09 Dec 2021 19:41:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payfirma.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 22:38:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 244662
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Wed, 08 Dec 2021 22:38:12 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payfirma.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 04:46:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 49763
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 11 Dec 2021 04:46:31 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payfirma.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:45:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 172214
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Thu, 09 Dec 2021 18:45:40 GMT

GET
H2 200 payfirma.woff
www.payfirma.com/wp-content/themes/payfirma/dist/fonts/ 11 KB
11 KB 34ms
34ms Font
font/woff 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.payfirma.com/wp-content/themes/payfirma/dist/fonts/payfirma.woff?v=2

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/wp-content/themes/payfirma/dist/styles/main.css?ver=20170425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f474f6b821b4581b1e3cb9a27cd3d03e2aaf6444be77ed7f1838360ef2db4fd

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Origin: https://www.payfirma.com
Referer: https://www.payfirma.com/wp-content/themes/payfirma/dist/styles/main.css?ver=20170425
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 243179
content-length: 10872
cf-request-id: 06f4afa0e300009772d49c8000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Thu, 24 Sep 2020 21:00:24 GMT
server: cloudflare
etag: "5f6d08e8-2a78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee16fc69772-FRA

GET
H3-Q050 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payfirma.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:45:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:34 GMT
server: sffe
age: 172212
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
expires: Thu, 09 Dec 2021 18:45:42 GMT

GET
H2 200 Payfirma_ebook_integration_fti-600x400.jpg
www.payfirma.com/wp-content/uploads/2018/02/ 15 KB
15 KB 25ms
24ms Image
image/jpeg 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2018/02/Payfirma_ebook_integration_fti-600x400.jpg

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02761c609397a6ba3c0d8a4e7ce7ef3ca2235c8efc60c61bc89a7436fcd21efd

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 66601
cf-polished: origSize=16837
content-length: 14879
cf-request-id: 06f4afa137000097727d2d4000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Thu, 08 Feb 2018 21:40:39 GMT
server: cloudflare
etag: "5a7cc3d7-41c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee1e8269772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Payfirma_ebook_integration_fti-600x400.jpg
www.payfirma.com/wp-content/uploads/2017/06/ 23 KB
23 KB 22ms
22ms Image
image/jpeg 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2017/06/Payfirma_ebook_integration_fti-600x400.jpg

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f1b5ed79b56b8a9d2bdabaa337871f680484cc0429fa73a1ac01f70573b6521

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 66601
cf-polished: origSize=25382
content-length: 23485
cf-request-id: 06f4afa13700009772a32a1000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Tue, 20 Jun 2017 22:29:12 GMT
server: cloudflare
etag: "5949a1b8-6326"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee1e8279772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 payfirma_whitepaper_2017theyearahed_fti-600x400.jpg
www.payfirma.com/wp-content/uploads/2017/01/ 17 KB
17 KB 47ms
47ms Image
image/jpeg 2606:4700:10::6814:73d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.payfirma.com/wp-content/uploads/2017/01/payfirma_whitepaper_2017theyearahed_fti-600x400.jpg

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:73d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60db601a86118a36bbfcb22e058252aae16252c757e36b7027ce2cf689b0dfa7

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 139615
cf-polished: origSize=20298
content-length: 17275
cf-request-id: 06f4afa138000097723310d000000001
public-key-pins: pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
last-modified: Wed, 15 Mar 2017 05:44:19 GMT
server: cloudflare
etag: "58c8d4b3-4f4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 60014ee1e8299772-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066247511/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066247511/?random=1607711754553&cv=9&fst=1607711754553&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6ed921b1407fa0cb91894b7ac27f3ab52d7be3022896384585c5481c25142be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-96481.js Show response
static.hotjar.com/c/ 12 KB
4 KB 63ms
27ms Script
application/javascript 65.9.73.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-96481.js?sv=5

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.9 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8216b13b03fc3ffa41627c7d380aea448056c205b717a4dc3f6763fe4c1708a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:29 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 25
etag: W/1e15ad7164977a24c0ab5465a2da0d60
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: LVPXwqgdWzbQf46NYLDHXB3sNiFQABnNcpTrfxNa8oAMzOvmQmXXlw==
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8ZXX5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2718
date: Fri, 11 Dec 2020 17:50:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 11 Dec 2020 19:50:36 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8ZXX5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Dec 2020 18:35:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-xss-protection: 0
pragma: public
x-fb-debug: sF3QOGatcMPforsweUPwSIpzVKjaOg6rfVe4Mc7SlbP6AE5pj9hAZn54PKyoUz4fj0t2sgjXUIHJP4AchEkLVA==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Fri, 11 Dec 2020 18:35:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 30ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.payfirma.com
URL: https://www.payfirma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:53 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 9E0B646790324C01A0D187CA0F60F219 Ref B: FRAEDGE1210 Ref C: 2020-12-11T18:35:54Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 /
www.google.com/pagead/1p-user-list/1066247511/ 42 B
108 B 38ms
37ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1066247511/?random=1607711754553&cv=9&fst=1607709600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&fmt=3&is_vtc=1&random=1728672623&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1066247511/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1066247511/?random=1607711754553&cv=9&fst=1607709600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&fmt=3&is_vtc=1&random=1728672623&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.9dd23155c7d4a9746d0b.js Show response
script.hotjar.com/ 222 KB
59 KB 72ms
22ms Script
application/javascript 65.9.73.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9dd23155c7d4a9746d0b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-96481.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.19 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

af1f298c793498fe8d6ad4006cff127be33466755c69ba3f28c58c23d9ceed55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 14:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16539
x-cache: Hit from cloudfront
content-length: 59490
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 13:57:00 GMT
etag: "019b2097ab02dbafab8c376bea41ecc2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: KVzk00y65WDDNs77bKhsIgMo1JP18nDoMC-SLLB3xoklsf6VWkzllg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-19493967-1&cid=330275818.1607711755&jid=635347878&gjid=311444980&_gid=909801917.1607711755&_u=YGBAgAABAAAAAE~&z=1311327218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Dec 2020 18:35:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.payfirma.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1319435990&t=pageview&_s=1&dl=https%3A%2F%2Fwww.payfirma.com%2F&ul=en-us&de=UTF-8&dt=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=635347878&gjid=311444980&cid=330275818.1607711755&tid=UA-19493967-1&_gid=909801917.1607711755&gtm=2wgbu0P8ZXX5&z=73288523

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Dec 2020 19:54:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81711
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1885838494974542 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1885838494974542?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

264f2c32e16859c4db4094f0cdacfefe2c0c25cdfd2fce12fa9f1104d31bf430

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 7411
x-xss-protection: 0
pragma: public
x-fb-debug: NkwDyw5bUtHu++kaKAZlfuFZD87xUJFiXwyvVd8SQiLCK9KyG8H+zLwjSmXRP10UVeNn9IQc6/p54DnciyjfEA==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Dec 2020 18:35:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1957180400
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4011850&Ver=2&mid=e45c75cb-2a45-4a91-a987-54e4e475a6f4&sid=b3e631a03bdf11eba9a0abba7f9eda6b&vid=b3e68f203bdf11eba547790ed977462d&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Payfirma%3A%20Accept%20Credit%20Cards,%20Merchant%20Services,%20Payment%20Processing&p=https%3A%2F%2Fwww.payfirma.com%2F&r=&lt=1737&evt=pageLoad&msclkid=N&sv=1&rn=773585
Requested by: Host: www.payfirma.com
URL: https://www.payfirma.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 11 Dec 2020 18:35:53 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: AAB6E67ECE0F4EE6BDFACB00BF0DCC04 Ref B: FRAEDGE1210 Ref C: 2020-12-11T18:35:54Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1885838494974542&ev=PageView&dl=https%3A%2F%2Fwww.payfirma.com%2F&rl=&if=false&ts=1607711754709&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=28&fbp=fb.1.1607711754706.1049053227&it=1607711754681&coo=false&rqm=GET

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 11 Dec 2020 18:35:54 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame C631 0
0 69ms
25ms Document
text/html 65.9.73.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-96481.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.payfirma.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.payfirma.com/

Response headers

content-type: text/html
content-length: 851
date: Wed, 04 Nov 2020 19:00:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Wed, 04 Nov 2020 16:31:53 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: gg1iB82_Gec4jHii4l2O11l3LKUwASyHK0JZ-Ee1h4QuKN_joFvvAA==
age: 3195322

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066247511/ 2 KB
1 KB 141ms
127ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066247511/?random=1607711754716&cv=9&fst=1607711754716&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e74f5955aa2d3243485ddb292e9f9c00db03ed86bec98a2d672c96439b5483d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1031
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952234304/ 2 KB
2 KB 135ms
124ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952234304/?random=1607711754720&cv=9&fst=1607711754720&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

625af7bc31eb2fcb9b98bcebd7ba5532aeeb478b9867a67c4bcfcdea7c7f4da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1031
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/96481/ 178 B
321 B 105ms
37ms XHR
application/json 52.208.57.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/96481/visit-data?sv=5
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9dd23155c7d4a9746d0b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.57.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-57-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Dec 2020 18:35:54 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2 204 96481 Show response
vc.hotjar.io/sessions/ 0
258 B 95ms
46ms XHR
text/plain 13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/96481?s=0.25&r=0.12757376095215545
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9dd23155c7d4a9746d0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:54 GMT
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: kZF4I53b6lrpzeJH9DrfPcRVr7xCYJ5ZUO9zWoOE7rpj7s7c8yJMRQ==

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/952234304/ 42 B
530 B 50ms
34ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952234304/?random=1607711754720&cv=9&fst=1607709600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&async=1&fmt=3&is_vtc=1&random=3867388101&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/952234304/ 42 B
66 B 51ms
36ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952234304/?random=1607711754720&cv=9&fst=1607709600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&async=1&fmt=3&is_vtc=1&random=3867388101&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1066247511/ 42 B
66 B 66ms
53ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1066247511/?random=1607711754716&cv=9&fst=1607709600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&async=1&fmt=3&is_vtc=1&random=2205074358&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1066247511/ 42 B
530 B 46ms
35ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1066247511/?random=1607711754716&cv=9&fst=1607709600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbu0&sendb=1&frm=0&url=https%3A%2F%2Fwww.payfirma.com%2F&tiba=Payfirma%3A%20Accept%20Credit%20Cards%2C%20Merchant%20Services%2C%20Payment%20Processing&async=1&fmt=3&is_vtc=1&random=2205074358&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.payfirma.com
URL: https://www.payfirma.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 40 KB
13 KB 72ms
25ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.payfirma.com
URL: https://www.payfirma.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4
Content-Encoding: gzip
ETag: "0aed5b94bc26ce0fe9e58d25dd314418"
x-amz-request-id: A153E367E4F64E44
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12695
x-amz-id-2: 1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo=
Last-Modified: Thu, 10 Dec 2020 18:09:34 GMT
Server: AmazonS3
Date: Fri, 11 Dec 2020 18:35:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/LFZ52RPCCRF3NFITZH366O/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

25ms
24ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NRd5BJy3mTVGILCcmBdUI4KKHh2sq935
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 7W9WAWDN1PDJ9K6T
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE=
Last-Modified: Wed, 02 Dec 2020 20:19:48 GMT
Server: AmazonS3
Date: Fri, 11 Dec 2020 18:35:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Fri, 11 Dec 2020 18:35:55 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/ 0
773 B 75ms
30ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: oxcXwd91OodcZ3vdB4up6zKGKn6G1dqm
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: E4BC37EF69E3E239
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: 8oQnr0aXRZ+VGk8k8WaEnnQx1aHW3nF5ZVOcPX+IQ244czWDbZbeo4XEiOMQDn3Ge3hzDpBCxNU=
Last-Modified: Thu, 10 Dec 2020 18:05:30 GMT
Server: AmazonS3
Date: Fri, 11 Dec 2020 18:35:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/LFZ52RPCCRF3NFITZH366O/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/LFZ52RPCCRF3NFITZH366O?_s=9696738bce5d235fce368e4eb83f9b1f&_b=2
https://d.adroll.com/consent/check/LFZ52RPCCRF3NFITZH366O/?_s=9696738bce5d235fce368e4eb83f9b1f&_b=2

392 B
860 B

42ms
41ms

Script
application/javascript

54.77.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/LFZ52RPCCRF3NFITZH366O/?_s=9696738bce5d235fce368e4eb83f9b1f&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-74-200.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 7a546154380be5257658f90ebfc66f8c2964f2c450d1e94837214cab9acab463

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 392
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/LFZ52RPCCRF3NFITZH366O/?_s=9696738bce5d235fce368e4eb83f9b1f&_b=2
date: Fri, 11 Dec 2020 18:35:55 GMT
server: nginx/1.18.0
content-length: 105

GET
H/1.1

200
OK

7DMKJ5AWLRH7JBJAJZVIIP.js Show response
s.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/
Redirect Chain

https://d.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&pv=78267047993.1...
https://s.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/7DMKJ5AWLRH7JBJAJZVIIP.js

4 KB
2 KB

27ms
27ms

Script
text/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/7DMKJ5AWLRH7JBJAJZVIIP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8d79abd9e2efb13d4d85a891904f5604dccab8a6143796097fd1f58b65643841

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: GjIl0Qmv0RFDE6mnPxd9.Y5G8OviIsbC
Content-Encoding: gzip
ETag: "aad7f378900dab2562a75f873f7c2f6b"
x-amz-request-id: 2B37302D437317FB
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1517
x-amz-id-2: 4E1Ucrxkg2tkPPl+Wc8duv7xMPC5UkG9c5UVl0NkhYR5tCjUSH4BfbuJM6M6EQmkIgjRBpCmLiM=
Last-Modified: Tue, 08 Dec 2020 23:40:25 GMT
Server: AmazonS3
Date: Fri, 11 Dec 2020 18:35:55 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: */
date: Fri, 11 Dec 2020 18:35:55 GMT
x-segment-eid: 7DMKJ5AWLRH7JBJAJZVIIP
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/7DMKJ5AWLRH7JBJAJZVIIP.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: payfirma-home-page
x-pixel-eid: KBEOT3IXI5AZDPZAHIS2Z6
x-segment-name: payfirma-home-page
x-advertisable-eid: LFZ52RPCCRF3NFITZH366O
content-length: 0
x-conversion-currency

GET
H2 200 761212920617345 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/761212920617345?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94886fc24e4bd35e1ef725afdfd07c203c8a377a29bcec321e6e03bc8bd5bb52

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70191
x-xss-protection: 0
pragma: public
x-fb-debug: Ci7ItblA4/jiLSHUmEnacYnEPCLzrhzIsOfvqKhsiWNRTORuDx95ARlsSzbGc71DUrI0V6WwP7nhITNfErEyfg==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Dec 2020 18:35:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1926208181
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://pixel.advertising.com/ups/55980/sync?uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
125 B

71ms
25ms

Image
text/plain

3.124.119.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55980/sync?uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.119.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-119-192.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:55 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55980/sync?uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 167
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expiration=1639247755
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expiration=1639247755&C=1

43 B
1 KB

74ms
73ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expiration=1639247755&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 18:35:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Dec 2020 18:35:55 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 18:35:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expiration=1639247755&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Fri, 11 Dec 2020 18:35:55 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expires=365

0
239 B

104ms
24ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&expires=365
pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&rdrctExp=true

0
477 B

91ms
90ms

Image
text/plain

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 18:35:55 GMT
Cache-Control: no-cache
X-TraceId: 31f13b8f57de2fe0298cb60b109eb03d
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&rdrctExp=true
Date: Fri, 11 Dec 2020 18:35:55 GMT
X-TraceId: a3410339e2bfa4044d3f9f5cec555069
Content-Length: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
1010 B

85ms
21ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 11 Dec 2020 18:35:53 GMT
X-lat: Pug23040:0:230
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 220
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
500 B

37ms
37ms

Image
image/gif

54.77.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-74-200.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: image/gif
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

date: Fri, 11 Dec 2020 18:35:55 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg

0
217 B

59ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.117:10213
date: Fri, 11 Dec 2020 18:35:55 GMT
server: nginx
x-fastly-to-nlb-rtt: 1985

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg
pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://eb2.3lift.com/xuid?mid=4714&xuid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

25ms
24ms

Image
image/gif

52.29.22.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.22.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-22-19.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://x.bidswitch.net/sync?dsp_id=44&user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg

43 B
411 B

30ms
29ms

Image
image/gif

52.57.47.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.47.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-47-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg
date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://ib.adnxs.com/setuid?entity=172&code=NGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg

43 B
1 KB

19ms
18ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 18:35:55 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid: b9b07c68-cf3f-4798-8315-95dd14813316
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 18:35:55 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.85:80
AN-X-Request-Uuid: 39ef457f-e4c9-4640-9e3a-63bb5b603337
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNGM1ZmM4Y2Y0ZjBkOTkyNzRiODY2MDFlNTgxMjIyNjg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 40ms
39ms Image
image/gif 54.77.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-74-200.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:55 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O
https://us-u.openx.net/w/1.0/sd?id=537103138&val=4c5fc8cf4f0d99274b86601e58122268
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=4c5fc8cf4f0d99274b86601e58122268

43 B
180 B

27ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=4c5fc8cf4f0d99274b86601e58122268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.198.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
via: 1.1 google
server: OXGW/16.198.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=4c5fc8cf4f0d99274b86601e58122268
date: Fri, 11 Dec 2020 18:35:55 GMT
via: 1.1 google
server: OXGW/16.198.2
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=99784b2614983edd265918ec01be8e02-1607711755183&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O&google_nid=adroll4
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=TF_Iz08NmSdLhmAeWBIiaA
https://d.adroll.com/cm/g/in

42 B
536 B

33ms
32ms

Image
image/gif

54.77.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-74-200.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Fri, 11 Dec 2020 18:35:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=761212920617345&ev=PageView&dl=https%3A%2F%2Fwww.payfirma.com%2F&rl=&if=false&ts=1607711755284&cd[segment_eid]=7DMKJ5AWLRH7JBJAJZVIIP&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=29&fbp=fb.1.1607711754706.1049053227&it=1607711754681&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.payfirma.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:35:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 11 Dec 2020 18:35:55 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payfirma.com/	1970-01-19 14:35:13	Name: _hjAbsoluteSessionInProgress Value: 1
.payfirma.com/	1970-01-19 23:20:47	Name: _hjid Value: fa647d04-2c21-4610-b249-6b1057ae3910
.payfirma.com/	1970-01-19 16:44:47	Name: _fbp Value: fb.1.1607711754706.1049053227
.payfirma.com/	1970-01-19 14:36:38	Name: _uetsid Value: b3e631a03bdf11eba9a0abba7f9eda6b
.payfirma.com/	1970-01-19 14:35:11	Name: _dc_gtm_UA-19493967-1 Value: 1
www.payfirma.com/	1970-01-19 14:35:11	Name: _hjIncludedInPageviewSample Value: 1
.payfirma.com/	1970-01-19 14:35:13	Name: _hjFirstSeen Value: 1
.payfirma.com/	1970-01-19 15:18:23	Name: __cfduid Value: d1dd04dc883c97d87565d8345579ffcfb1607711752
.payfirma.com/	1970-01-20 08:06:23	Name: _ga Value: GA1.2.330275818.1607711755
.payfirma.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.payfirma.com/	1970-01-19 14:58:35	Name: _uetvid Value: b3e68f203bdf11eba547790ed977462d
.payfirma.com/	1970-01-19 14:36:38	Name: _gid Value: GA1.2.909801917.1607711755

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Public-Key-Pins	pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report"
Strict-Transport-Security	max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
bat.bing.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
in.hotjar.com
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
script.hotjar.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.payfirma.com
x.bidswitch.net
13.226.155.59
141.226.228.48
172.217.18.2
185.33.221.13
185.64.190.80
2.18.233.40
2.18.234.21
2606:4700:10::6814:73d
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:801::200a
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:816::2002
2a00:1450:4001:816::2003
2a00:1450:4001:817::2003
2a00:1450:4001:817::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.119.192
34.98.64.218
52.208.57.208
52.29.22.19
52.57.47.211
54.77.74.200
65.9.73.19
65.9.73.36
65.9.73.9
69.173.144.138
70.42.32.127
02761c609397a6ba3c0d8a4e7ce7ef3ca2235c8efc60c61bc89a7436fcd21efd
09494b789c55d639e0aabeffc59433963f0e8e766baba0fea88eae8a63c40ccd
0d17268aba1b35169f50de00887134b1e3cfeb43b1a7f64a0f064aeb7132792b
0f474f6b821b4581b1e3cb9a27cd3d03e2aaf6444be77ed7f1838360ef2db4fd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
157b1ba72ca11963783c44b2418e72be96e30cad00ad562a6bd9e23d1e53756e
1678dbfa1acaf623177ec3565f29bab94c07019f1843af1322e3f457ec39fc73
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f1b5ed79b56b8a9d2bdabaa337871f680484cc0429fa73a1ac01f70573b6521
2393f93c7fb70f340d981366adccee7b61da91c3fbce463f128b31b94659657c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264f2c32e16859c4db4094f0cdacfefe2c0c25cdfd2fce12fa9f1104d31bf430
266f8de801a2ffb6891598841c0a110e8e72f7573d9f7e52aaca93894ddc82c4
2b84f7f28c3ba7b7322a0e2d7635cc5fc34530d603495f7ed32a0a58fbfa85b7
3288fa0a59cd2b0516e638806773f2eb2ff36be2cdbdd4a7425fb855aec5bad4
3901fb12d29c314def656cf1f779ac52b3d21f1179d454130f087450b9ec9df0
3e74f5955aa2d3243485ddb292e9f9c00db03ed86bec98a2d672c96439b5483d
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c032738c0bb57f74ab3b01bd79843b07f3d18da5cd8aad800ed00e458e23f62
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
571f1cbf8db88389c02af4e4d76cd0f9ce6f1beda69f1f7218bd423125a935bd
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60db601a86118a36bbfcb22e058252aae16252c757e36b7027ce2cf689b0dfa7
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
625af7bc31eb2fcb9b98bcebd7ba5532aeeb478b9867a67c4bcfcdea7c7f4da3
63796d683841c242bdd76d2c118f3b1a78516d5e2c4f94ce47c41141d7c89286
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7a546154380be5257658f90ebfc66f8c2964f2c450d1e94837214cab9acab463
7b6e6bdce3879a5f1b62406f2b16404a9edeabfb685d601dce678eb2ff29a1b1
7d0dcf7a02a336ebbfdbfa1f09be1804951abe6368e9d6443201628574a111f7
8216b13b03fc3ffa41627c7d380aea448056c205b717a4dc3f6763fe4c1708a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
894c56361b7b1b5ccca175b91a0e8da14a579c283991ce2a56258e4900a27e32
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8cb8a74b801a51ff3583a349e61640557f5922929c12c2d75c71a28cc4a5b360
8d79abd9e2efb13d4d85a891904f5604dccab8a6143796097fd1f58b65643841
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
90fb2f5f47284fb9f0acd6ad0ccf68d6872aeb0888e51df065ffc70accebd35d
939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3
94886fc24e4bd35e1ef725afdfd07c203c8a377a29bcec321e6e03bc8bd5bb52
951a46f57bbcd40e1af08b7f7a6d4099abfc7e2934be2393540543a5f8a316c7
952601684d33c423bf905a8382dcf436a1de66e118d6f51e21a6e4c0851d9826
9d37b252a43bb8921694deaa7427fffe15965fa3e6c0805e39ae7dec67d68526
a228975fd9db8c8d80d94fc77eadf7d6543e86972d41b2f5b6470179391f055c
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
af1f298c793498fe8d6ad4006cff127be33466755c69ba3f28c58c23d9ceed55
af5fd77da418c35a835bc78af12efb4a6b6b967550c1fd51461d0eceab9483d0
aff1a1de5eb5733c6230394354493e75039656f7c9d14028ca249b501faea57b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b557684df0ea0c6d9cefce5735d183a031ba4644e61be1951dc3d329506f9637
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfa7313ee8ae084b765423383e4de6f05127357aaa559b4fc89f94a7a5d48b02
c07d84961c4264d6006f8fe77f11f1821b57d7f57ecaae6101c36e8ee230d997
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a
d0f0ff2f41e2d87b5540e914edad01fe6c5a67d0cca530ac3462f7c281ab0636
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
ddd0bbc81a9ca75885b98cca2384cb6fbd3a39156b7fe16a1dc2c884e0badb70
e010909741f1b40febcabbf48ec75aabbf4f6abad47e64afe30e9fa55e6ef105
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e6ed921b1407fa0cb91894b7ac27f3ab52d7be3022896384585c5481c25142be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a3e4f403d70d912e781a3b5657641678e78efde23ee003fd45cd0ec6c43ac
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fb279fda0876f502b617739afc25d8e257be2ebadbf050f82df86a467a06bdc1
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

www.payfirma.com Open in urlscan Pro 2606:4700:10::6814:73d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

91 Requests

100 %HTTPS

49 %IPv6

27 Domains

33 Subdomains

34 IPs

7 Countries

1317 kBTransfer

2639 kBSize

12 Cookies

8 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.payfirma.com Open in urlscan Pro
2606:4700:10::6814:73d Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

100 %
HTTPS

49 %
IPv6

27
Domains

33
Subdomains

34
IPs

7
Countries

1317 kB
Transfer

2639 kB
Size

12
Cookies

91 HTTP transactions
0 data transactions