verify.paynow.co.zw Open in urlscan Pro
2606:4700:3030::6812:2558  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response verify.paynow.co.zw/	54 KB 18 KB	655ms 605ms	Document text/html	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 304ece25ce91a2977c112cb437fe2f0cffb706c1ddedf63541dca28e8cf6f359 Request headers :method GET :authority verify.paynow.co.zw :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Tue, 17 Mar 2020 14:37:11 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d0849044891f0de216430e8eda87dc27f1584455830; expires=Thu, 16-Apr-20 14:37:10 GMT; path=/; domain=.paynow.co.zw; HttpOnly; SameSite=Lax link <https://verify.paynow.co.zw/wp-json/>; rel="https://api.w.org/", <https://verify.paynow.co.zw/>; rel=shortlink vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5757734d49a7bedd-FRA content-encoding br
GET H2	200	style.css verify.paynow.co.zw/wp-content/themes/twentyseventeen/	81 KB 15 KB	769ms 767ms	Stylesheet text/css	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-content/themes/twentyseventeen/style.css?ver=4.9.13 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5518adb113efbbb76f7617c0b3069de0048a570cccfa95d707460d1b1219c91b Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 17 Mar 2020 14:37:11 GMT content-encoding br cf-cache-status MISS last-modified Mon, 24 Sep 2018 14:12:39 GMT server cloudflare etag W/"144bc-5769e94f9b4a0-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 575773511ffbbedd-FRA
GET H2	200	css fonts.googleapis.com/	7 KB 756 B	20ms 18ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0b921c893d56c50550e3d9ff71011c403d3303bdc5f48a5f08882ba36afea08c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Mar 2020 14:37:11 GMT server ESF date Tue, 17 Mar 2020 14:37:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Mar 2020 14:37:11 GMT
GET H2	200	style.css verify.paynow.co.zw/wp-content/themes/paynow-mvp/	18 KB 4 KB	584ms 582ms	Stylesheet text/css	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-content/themes/paynow-mvp/style.css?ver=4.9.13 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 450d4b8acc72550f454464decc99121b3614fb50e801f64d119143331994ffc6 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 17 Mar 2020 14:37:11 GMT content-encoding br cf-cache-status MISS last-modified Fri, 13 Sep 2019 12:55:33 GMT server cloudflare etag W/"48ad-5926ec5076318-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 575773511ffdbedd-FRA
GET H2	200	jquery.js Show response verify.paynow.co.zw/wp-includes/js/jquery/	95 KB 32 KB	774ms 772ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-includes/js/jquery/jquery.js?ver=1.12.4 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:11 GMT content-encoding br cf-cache-status MISS last-modified Thu, 05 Sep 2019 07:47:27 GMT server cloudflare etag W/"17a6a-591c98876d48a-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575773511fffbedd-FRA
GET H2	200	jquery-migrate.min.js Show response verify.paynow.co.zw/wp-includes/js/jquery/	10 KB 4 KB	3183ms 3181ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:14 GMT content-encoding br cf-cache-status MISS last-modified Mon, 24 Sep 2018 14:12:24 GMT server cloudflare etag W/"2748-5769e940d2181-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575773511800bedd-FRA
GET H2	200	main.js Show response verify.paynow.co.zw/wp-content/themes/paynow-mvp/js/	5 KB 2 KB	2178ms 2176ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-content/themes/paynow-mvp/js/main.js?ver=1.1 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a1112dee8ee1b01f36241ef29329be086153032df75975bc71e7cef20130fd2 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:13 GMT content-encoding br cf-cache-status MISS last-modified Fri, 13 Sep 2019 12:56:26 GMT server cloudflare etag W/"140b-5926ec82d7b6a-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575773511802bedd-FRA
GET H2	200	skip-link-focus-fix.js Show response verify.paynow.co.zw/wp-content/themes/twentyseventeen/assets/js/	683 B 430 B	1177ms 1175ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:12 GMT content-encoding br cf-cache-status MISS last-modified Mon, 24 Sep 2018 14:14:26 GMT server cloudflare etag W/"2ab-5769e9b4d9863-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575773511803bedd-FRA
GET H2	200	navigation.js Show response verify.paynow.co.zw/wp-content/themes/twentyseventeen/assets/js/	4 KB 1 KB	2174ms 2173ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=1.0 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5dc8a0ea6886f4daba8c6e6b722071a21796725c2c59ea0ce264d0d7019de52 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:13 GMT content-encoding br cf-cache-status MISS last-modified Mon, 24 Sep 2018 14:14:26 GMT server cloudflare etag W/"eaa-5769e9b510365-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575773511805bedd-FRA
GET H2	200	global.js Show response verify.paynow.co.zw/wp-content/themes/twentyseventeen/assets/js/	8 KB 2 KB	636ms 634ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df64e42095343505664a1d694617e4eec445c3e808f16467184a2f5b606c0b3a Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:11 GMT content-encoding br cf-cache-status MISS last-modified Mon, 24 Sep 2018 14:14:26 GMT server cloudflare etag W/"1e02-5769e9b4f9c04-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575773511806bedd-FRA
GET H2	200	jquery.scrollTo.js Show response verify.paynow.co.zw/wp-content/themes/twentyseventeen/assets/js/	6 KB 2 KB	580ms 578ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:11 GMT content-encoding br cf-cache-status MISS last-modified Mon, 24 Sep 2018 14:14:26 GMT server cloudflare etag W/"16cc-5769e9b5170c5-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575773511807bedd-FRA
GET H2	200	wp-embed.min.js Show response verify.paynow.co.zw/wp-includes/js/	1 KB 738 B	636ms 635ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-includes/js/wp-embed.min.js?ver=4.9.13 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:11 GMT content-encoding br cf-cache-status MISS last-modified Thu, 13 Dec 2018 08:13:05 GMT server cloudflare etag W/"57b-57ce2e2603cb3-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575773511808bedd-FRA
GET H2	200	wp-emoji-release.min.js Show response verify.paynow.co.zw/wp-includes/js/	12 KB 4 KB	624ms 624ms	Script application/javascript	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-includes/js/wp-emoji-release.min.js?ver=4.9.13 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:11 GMT content-encoding br cf-cache-status MISS last-modified Mon, 24 Sep 2018 14:11:45 GMT server cloudflare etag W/"2efa-5769e91bc9872-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 57577351281ebedd-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	75 KB 28 KB	43ms 42ms	Script application/javascript	2a00:1450:4001:817::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-126552230-1 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ab3be65141fb922eb6ed1a452f7ac714c66e30eba1f1053b6bae7eec32ac1c60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:11 GMT content-encoding br status 200 strict-transport-security max-age=31536000; includeSubDomains alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28551 x-xss-protection 0 last-modified Tue, 17 Mar 2020 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 17 Mar 2020 14:37:11 GMT
GET H2	200	paynow-logo-white.png verify.paynow.co.zw/wp-content/themes/paynow-mvp/	3 KB 3 KB	1207ms 1207ms	Image image/png	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://verify.paynow.co.zw/wp-content/themes/paynow-mvp/paynow-logo-white.png Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33246b57c417824c2d682772d2eaaa8d7ec8e00430e36fc706efe0409e079e01 Request headers Referer https://verify.paynow.co.zw/wp-content/themes/paynow-mvp/style.css?ver=4.9.13 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 14:37:15 GMT cf-cache-status MISS last-modified Mon, 24 Sep 2018 14:12:44 GMT server cloudflare etag "a52-5769e953e300e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 575773650f06bedd-FRA content-length 2642
GET H2	200	jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2 fonts.gstatic.com/s/librefranklin/v4/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:815::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librefranklin/v4/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f707ac905bc601e7c615efef3341229528ef740fdea765fc4c98eec658670856 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Origin https://verify.paynow.co.zw Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 25 Feb 2020 00:39:44 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:20:05 GMT server sffe age 1864650 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 14092 x-xss-protection 0 expires Wed, 24 Feb 2021 00:39:44 GMT
GET H2	200	jizAREVItHgc8qDIbSTKq4XkRi24_SI0q1vjitOh.woff2 fonts.gstatic.com/s/librefranklin/v4/	14 KB 14 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:815::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librefranklin/v4/jizAREVItHgc8qDIbSTKq4XkRi24_SI0q1vjitOh.woff2 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 75bac41f9892f4fadbd7355e6d863f2d74262f15047caa3dfd92b9e38423dfd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Origin https://verify.paynow.co.zw Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 27 Feb 2020 08:04:52 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:21:33 GMT server sffe age 1665142 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 14436 x-xss-protection 0 expires Fri, 26 Feb 2021 08:04:52 GMT
GET H2	200	jizAREVItHgc8qDIbSTKq4XkRi20-SI0q1vjitOh.woff2 fonts.gstatic.com/s/librefranklin/v4/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:815::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librefranklin/v4/jizAREVItHgc8qDIbSTKq4XkRi20-SI0q1vjitOh.woff2 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ded56bc9bd7e0bd13cbbbad86164d34c60d884199a77118920bff4d2c0c93ed7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext Origin https://verify.paynow.co.zw Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 09 Mar 2020 08:22:33 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:20:23 GMT server sffe age 713681 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 14036 x-xss-protection 0 expires Tue, 09 Mar 2021 08:22:33 GMT
GET H2	200	1cab3703h Show response embed.tawk.to/5a8fccf4d7591465c707f078/	502 KB 110 KB	699ms 698ms	Script application/x-javascript	2606:4700:10::6814:f34f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5806fe1ab5abeb1e372b832413ebab68c7451d6eb1014a193e6d9d201f93cde Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ Origin https://verify.paynow.co.zw Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Mar 2020 14:37:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS server cloudflare access-control-allow-origin * etag W/"fulls68114" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript status 200 cache-control public, max-age=14400, s-maxage=3600 strict-transport-security max-age=0; includeSubDomains; preload cf-ray 57577365499597d8-FRA
GET H2	200	quotes.json Show response verify.paynow.co.zw/wp-content/themes/paynow-mvp/js/	240 KB 62 KB	2135ms 2135ms	Fetch application/json	2606:4700:3030::6812:2558 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.paynow.co.zw/wp-content/themes/paynow-mvp/js/quotes.json Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/wp-content/themes/paynow-mvp/js/main.js?ver=1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:2558 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adaa6ef452a9265294483ce2fa135abc524a45fa96ad8766ddf811281f1b1251 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers date Tue, 17 Mar 2020 14:37:16 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 24 Sep 2018 14:13:35 GMT server cloudflare etag W/"3c096-5769e9845c4f9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/json status 200 cf-ray 575773655f72bedd-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:815::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-126552230-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 222 date Tue, 17 Mar 2020 14:33:32 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 18174 expires Tue, 17 Mar 2020 16:33:32 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 101 B	14ms 14ms	Image image/gif	2a00:1450:4001:815::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1888870094&t=pageview&_s=1&dl=https%3A%2F%2Fverify.paynow.co.zw%2F&ul=en-us&de=UTF-8&dt=Paynow%20Merchants%27%20Verifications%20Portal%20%E2%80%93%20Zimbabwe%27s%20Leading%20Online%20Payments%20Gateway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1592519904&gjid=214034501&cid=1206884126.1584455834&tid=UA-126552230-1&_gid=1343172072.1584455834&_r=1&gtm=2ou340&z=633799894 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Tue, 17 Mar 2020 14:37:14 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame 6768	8 KB 793 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Mar 2020 14:37:15 GMT server ESF date Tue, 17 Mar 2020 14:37:15 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Mar 2020 14:37:15 GMT
GET H2	200	css fonts.googleapis.com/ Frame 5264	8 KB 747 B	19ms 19ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Mar 2020 14:37:15 GMT server ESF date Tue, 17 Mar 2020 14:37:15 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Mar 2020 14:37:15 GMT
GET H2	200	css fonts.googleapis.com/ Frame 9DCF	8 KB 747 B	18ms 18ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Mar 2020 14:37:15 GMT server ESF date Tue, 17 Mar 2020 14:37:15 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Mar 2020 14:37:15 GMT
GET H2	200	css fonts.googleapis.com/ Frame D33E	8 KB 747 B	19ms 18ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 17 Mar 2020 14:37:15 GMT server ESF date Tue, 17 Mar 2020 14:37:15 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 17 Mar 2020 14:37:15 GMT
GET H2	200	emojione.min.css cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame D33E	192 B 198 B	12ms 12ms	Stylesheet text/css	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 17 Mar 2020 14:37:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 12121761 cf-ray 5757736adc92c2f9-FRA x-cache HIT, HIT status 200 vary Accept-Encoding x-served-by cache-ams21037-AMS, cache-fra19142-FRA server cloudflare etag W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin *
GET H2	200	emojione.min.js Show response cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame D33E	295 KB 36 KB	13ms 13ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 17 Mar 2020 14:37:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 12121762 cf-ray 5757736adc96c2f9-FRA x-cache HIT, HIT status 200 vary Accept-Encoding x-served-by cache-ams21034-AMS, cache-hhn4075-HHN server cloudflare etag W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin *
POST H2	200	1584455835337 Show response va.tawk.to/register/	737 B 1 KB	199ms 199ms	XHR application/json	2606:4700:10::6814:f34f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/register/1584455835337 Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1020099db9af9bedf000abe9614c73c778d2a2668d15124c73c7b09145962409 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ Origin https://verify.paynow.co.zw Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 17 Mar 2020 14:37:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' status 200 vary Accept-Encoding x-served-by visitor-application-preemptive-g440 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload access-control-allow-methods POST content-type application/json access-control-allow-origin https://verify.paynow.co.zw cache-control no-cache access-control-allow-credentials true cf-ray 5757736adc6b636b-FRA access-control-allow-headers origin, content-type
GET H/1.1	200 OK	paynow-logo-blue.png www.paynow.co.zw/Content/icons/	1 KB 1 KB	853ms 214ms	Image image/png	196.44.182.165 CABS
General Check archive.org Show headers Download Go to Show image Full URL https://www.paynow.co.zw/Content/icons/paynow-logo-blue.png Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 196.44.182.165 , Zimbabwe, ASN31856 (CABS, ZW), Reverse DNS 165-182-44-196.broadband.yoafrica.com Software Microsoft-IIS/8.0 / ASP.NET Resource Hash 6dd40a3e5fe398cd3e3b7eaaf00382f4e6020cf49e21c0f73c4278b5e5fc41c2 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://verify.paynow.co.zw/wp-content/themes/paynow-mvp/style.css?ver=4.9.13 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 17 Mar 2020 14:37:13 GMT ETag "0375ebd5ad0d51:0" Last-Modified Tue, 21 Jan 2020 13:00:22 GMT Server Microsoft-IIS/8.0 X-Powered-By ASP.NET X-Frame-Options SAMEORIGIN Content-Type image/png Accept-Ranges bytes Content-Length 1256
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v16/ Frame 9DCF	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:815::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext Origin https://verify.paynow.co.zw Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Mar 2020 00:02:28 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:55 GMT server sffe age 1089287 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 14044 x-xss-protection 0 expires Fri, 05 Mar 2021 00:02:28 GMT
GET H2	200	/ Show response vsa27.tawk.to/s/	101 B 178 B	129ms 127ms	XHR application/octet-stream	2606:4700:10::6814:f34f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vsa27.tawk.to/s/?k=5e70e09bfd270e0d962b45de&u=oS5xErI1lGtWJuQ4Q%2FkCaugr%2FxsTzOfm0ZpvNqIQpAZF%2FTgg0oKfMtj%2Fxs4FgKGi&uv=2&a=5a8fccf4d7591465c707f078&cver=0&pop=false&w=iyW7vY&jv=681&asver=14201&ust=false&p=Paynow%20Merchants%27%20Verifications%20Portal%20%E2%80%93%20Zimbabwe%27s%20Leading%20Online%20Payments%20Gateway&r=&EIO=3&transport=polling&__t=N3exL-T Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccb9ee75c19ee6795950cb1bcbeebcd250ab0e0d7a296e9947335644415795d0 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ Origin https://verify.paynow.co.zw Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Mar 2020 14:37:15 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/octet-stream access-control-allow-origin https://verify.paynow.co.zw access-control-allow-credentials true cf-ray 5757736c2d64636b-FRA content-length 101
GET H2	200	26a1.png cdn.jsdelivr.net/emojione/assets/png/ Frame D33E	413 B 570 B	12ms 12ms	Image image/png	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7 Requested by Host: verify.paynow.co.zw URL: https://verify.paynow.co.zw/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 17 Mar 2020 14:37:15 GMT x-content-type-options nosniff cf-cache-status HIT age 3392359 cf-ray 5757736c2fdbc2f9-FRA x-cache HIT status 200 vary Accept-Encoding content-length 413 x-served-by cache-fra19182-FRA server cloudflare etag W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	/ Show response vsa27.tawk.to/s/	532 B 616 B	533ms 533ms	XHR application/octet-stream	2606:4700:10::6814:f34f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vsa27.tawk.to/s/?k=5e70e09bfd270e0d962b45de&u=oS5xErI1lGtWJuQ4Q%2FkCaugr%2FxsTzOfm0ZpvNqIQpAZF%2FTgg0oKfMtj%2Fxs4FgKGi&uv=2&a=5a8fccf4d7591465c707f078&cver=0&pop=false&w=iyW7vY&jv=681&asver=14201&ust=false&p=Paynow%20Merchants%27%20Verifications%20Portal%20%E2%80%93%20Zimbabwe%27s%20Leading%20Online%20Payments%20Gateway&r=&EIO=3&transport=polling&__t=N3exM0X&sid=OUqzrnq5cIyhqnlbjinK Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76a8528cbfe10bb37fbe52368e91ea0c9892e82c68c070bf55ed973573d9f6d4 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ Origin https://verify.paynow.co.zw Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Mar 2020 14:37:16 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/octet-stream access-control-allow-origin https://verify.paynow.co.zw access-control-allow-credentials true cf-ray 5757736d0df1636b-FRA content-length 532
POST H2	200	v3 Show response va.tawk.to/log-performance/	5 B 193 B	152ms 152ms	XHR text/html	2606:4700:10::6814:f34f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/log-performance/v3 Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ Origin https://verify.paynow.co.zw Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 17 Mar 2020 14:37:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC status 200 vary Accept-Encoding x-served-by visitor-application-preemptive-5n8s server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload access-control-allow-methods POST content-type text/html; charset=utf-8 access-control-allow-origin https://verify.paynow.co.zw access-control-allow-credentials true cf-ray 57577370588b636b-FRA access-control-allow-headers origin, content-type
GET H2	200	/ Show response vsa27.tawk.to/s/	4 B 64 B	195ms 195ms	XHR application/octet-stream	2606:4700:10::6814:f34f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vsa27.tawk.to/s/?k=5e70e09bfd270e0d962b45de&u=oS5xErI1lGtWJuQ4Q%2FkCaugr%2FxsTzOfm0ZpvNqIQpAZF%2FTgg0oKfMtj%2Fxs4FgKGi&uv=2&a=5a8fccf4d7591465c707f078&cver=0&pop=false&w=iyW7vY&jv=681&asver=14201&ust=false&p=Paynow%20Merchants%27%20Verifications%20Portal%20%E2%80%93%20Zimbabwe%27s%20Leading%20Online%20Payments%20Gateway&r=&EIO=3&transport=polling&__t=N3exM8u&sid=OUqzrnq5cIyhqnlbjinK Requested by Host: embed.tawk.to URL: https://embed.tawk.to/5a8fccf4d7591465c707f078/1cab3703h Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:f34f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.paynow.co.zw/ Origin https://verify.paynow.co.zw Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 17 Mar 2020 14:37:16 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/octet-stream access-control-allow-origin https://verify.paynow.co.zw access-control-allow-credentials true cf-ray 57577370588d636b-FRA content-length 4

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery function| getRandomInt function| CBPFWTabs object| twentyseventeenScreenReaderText object| jQuery112409384773916583813 function| gtag object| dataLayer object| Tawk_API object| Tawk_LoadStart object| target object| observer object| config object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.paynow.co.zw/	1970-01-19 08:50:47	Name: __cfduid Value: df7456faa62d96facd151f9ffaeae6f0c1584455834
			verify.paynow.co.zw/	1970-01-19 12:26:47	Name: Tawk_5a8fccf4d7591465c707f078 Value: vsa27.tawk.to::0
			.verify.paynow.co.zw/	1970-01-19 12:26:47	Name: __tawkuuid Value: e::verify.paynow.co.zw::oS5xErI1lGtWJuQ4Q/kCaugr/xsTzOfm0ZpvNqIQpAZF/Tgg0oKfMtj/xs4FgKGi::2
			.paynow.co.zw/	1970-01-19 08:09:02	Name: _gid Value: GA1.3.1343172072.1584455834
			verify.paynow.co.zw/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
			.paynow.co.zw/	1970-01-19 08:07:35	Name: _gat_gtag_UA_126552230_1 Value: 1
			.paynow.co.zw/	1970-01-20 01:38:47	Name: _ga Value: GA1.3.1206884126.1584455834

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://verify.paynow.co.zw/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
va.tawk.to
verify.paynow.co.zw
vsa27.tawk.to
www.google-analytics.com
www.googletagmanager.com
www.paynow.co.zw
196.44.182.165
2606:4700:10::6814:f34f
2606:4700:3030::6812:2558
2606:4700::6810:5814
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2003
2a00:1450:4001:815::200e
2a00:1450:4001:817::2008
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0b921c893d56c50550e3d9ff71011c403d3303bdc5f48a5f08882ba36afea08c
1020099db9af9bedf000abe9614c73c778d2a2668d15124c73c7b09145962409
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2a1112dee8ee1b01f36241ef29329be086153032df75975bc71e7cef20130fd2
304ece25ce91a2977c112cb437fe2f0cffb706c1ddedf63541dca28e8cf6f359
33246b57c417824c2d682772d2eaaa8d7ec8e00430e36fc706efe0409e079e01
450d4b8acc72550f454464decc99121b3614fb50e801f64d119143331994ffc6
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
5518adb113efbbb76f7617c0b3069de0048a570cccfa95d707460d1b1219c91b
6dd40a3e5fe398cd3e3b7eaaf00382f4e6020cf49e21c0f73c4278b5e5fc41c2
75bac41f9892f4fadbd7355e6d863f2d74262f15047caa3dfd92b9e38423dfd6
76a8528cbfe10bb37fbe52368e91ea0c9892e82c68c070bf55ed973573d9f6d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ab3be65141fb922eb6ed1a452f7ac714c66e30eba1f1053b6bae7eec32ac1c60
adaa6ef452a9265294483ce2fa135abc524a45fa96ad8766ddf811281f1b1251
b5dc8a0ea6886f4daba8c6e6b722071a21796725c2c59ea0ce264d0d7019de52
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
ccb9ee75c19ee6795950cb1bcbeebcd250ab0e0d7a296e9947335644415795d0
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
ded56bc9bd7e0bd13cbbbad86164d34c60d884199a77118920bff4d2c0c93ed7
df64e42095343505664a1d694617e4eec445c3e808f16467184a2f5b606c0b3a
e5806fe1ab5abeb1e372b832413ebab68c7451d6eb1014a193e6d9d201f93cde
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f707ac905bc601e7c615efef3341229528ef740fdea765fc4c98eec658670856