www.payfirma.com
Open in
urlscan Pro
2606:4700:10::6814:73d
Public Scan
Submitted URL: https://www2.payfirma.com/
Effective URL: https://www.payfirma.com/
Submission: On January 18 via automatic, source certstream-suspicious
Effective URL: https://www.payfirma.com/
Submission: On January 18 via automatic, source certstream-suspicious
Summary
This website contacted 40 IPs
in 7 countries
across 30 domains to perform 102 HTTP transactions.
The main IP is 2606:4700:10::6814:73d, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.payfirma.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 9th 2019. Valid for: 2 years.
This is the only time www.payfirma.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 9th 2019. Valid for: 2 years.
This is the only time www.payfirma.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
35.174.78.146
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com
ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com
| www2.payfirma.com |
2
172.217.18.98
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
| www.googleadservices.com | |
| cm.g.doubleclick.net |
1
2a00:1450:4001:816::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2a00:1450:4001:81d::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
1
74.125.206.157
(United States)
ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
| bid.g.doubleclick.net |
1
13.225.80.89
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net
| static.hotjar.com |
1
2a00:1450:4001:800::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
3
2a00:1450:4001:802::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googleadservices.com | |
| googleads.g.doubleclick.net |
3
2.16.186.18
(Ascension Island)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com
| embedwistia-a.akamaihd.net |
1
2a00:1450:4001:815::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
13.224.194.79
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-79.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-79.fra2.r.cloudfront.net
| script.hotjar.com |
1
13.224.194.18
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-18.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-18.fra2.r.cloudfront.net
| vars.hotjar.com |
5
104.76.200.122
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-122.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-122.deploy.static.akamaitechnologies.com
| s.adroll.com |
1
52.51.23.49
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-23-49.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-23-49.eu-west-1.compute.amazonaws.com
| in.hotjar.com |
1
13.224.194.119
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-119.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-119.fra2.r.cloudfront.net
| vc.hotjar.io |
18
34.254.169.151
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-169-151.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-169-151.eu-west-1.compute.amazonaws.com
| d.adroll.mgr.consensu.org | |
| d.adroll.com |
1
52.0.1.164
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-1-164.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-1-164.compute-1.amazonaws.com
| distillery.wistia.com |
1
34.205.237.238
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-237-238.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-237-238.compute-1.amazonaws.com
| pipedream.wistia.com |
2
3.124.119.192
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-192.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-192.eu-central-1.compute.amazonaws.com
| pixel.advertising.com |
1
3.126.56.137
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
| ups.analytics.yahoo.com |
2
104.76.200.247
(Netherlands)
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-247.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-247.deploy.static.akamaitechnologies.com
| dsum-sec.casalemedia.com |
1
69.173.144.139
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
2
18.158.81.184
(United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-81-184.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-81-184.eu-central-1.compute.amazonaws.com
| eb2.3lift.com |
2
18.158.221.94
(United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-221-94.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-221-94.eu-central-1.compute.amazonaws.com
| x.bidswitch.net |
2
185.33.220.243
(Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| ib.adnxs.com |
1
34.120.207.148
(United States)
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
| idsync.rlcdn.com |
2
34.98.64.218
(United States)
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
| Domain | Requested by | |
|---|---|---|
| 33 | www.payfirma.com |
1 redirects
www.payfirma.com
|
| 17 | d.adroll.com | 14 redirects |
| 8 | fonts.googleapis.com |
www.payfirma.com
|
| 7 | fast.wistia.com |
www.payfirma.com
fast.wistia.com |
| 5 | s.adroll.com |
1 redirects
www.payfirma.com
s.adroll.com |
| 4 | fonts.gstatic.com |
fonts.googleapis.com
|
| 3 | embedwistia-a.akamaihd.net |
www.payfirma.com
fast.wistia.com |
| 3 | www.google.de |
www.payfirma.com
|
| 3 | www.google.com |
www.payfirma.com
|
| 3 | connect.facebook.net |
www.payfirma.com
connect.facebook.net |
| 3 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 2 | us-u.openx.net | 1 redirects |
| 2 | ib.adnxs.com | 1 redirects |
| 2 | x.bidswitch.net | 1 redirects |
| 2 | eb2.3lift.com | 1 redirects |
| 2 | sync.outbrain.com | 1 redirects |
| 2 | dsum-sec.casalemedia.com | 1 redirects |
| 2 | pixel.advertising.com | 2 redirects |
| 2 | www.facebook.com |
www.payfirma.com
|
| 2 | bat.bing.com |
www.payfirma.com
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.payfirma.com |
| 2 | www.googleadservices.com |
www.payfirma.com
www.googletagmanager.com |
| 1 | cm.g.doubleclick.net | 1 redirects |
| 1 | idsync.rlcdn.com | |
| 1 | sync.taboola.com | |
| 1 | ads.yahoo.com | 1 redirects |
| 1 | simage2.pubmatic.com | |
| 1 | pixel.rubiconproject.com | |
| 1 | ups.analytics.yahoo.com | |
| 1 | pipedream.wistia.com |
fast.wistia.com
|
| 1 | distillery.wistia.com |
fast.wistia.com
|
| 1 | d.adroll.mgr.consensu.org | 1 redirects |
| 1 | vc.hotjar.io |
script.hotjar.com
|
| 1 | in.hotjar.com |
script.hotjar.com
|
| 1 | vars.hotjar.com |
static.hotjar.com
|
| 1 | script.hotjar.com |
static.hotjar.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | static.hotjar.com |
www.payfirma.com
|
| 1 | bid.g.doubleclick.net |
www.googleadservices.com
|
| 1 | www.googletagmanager.com |
www.payfirma.com
|
| 1 | www2.payfirma.com | 1 redirects |
| 102 | 41 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| merrco.ca |
| support.payfirma.com |
| hq.payfirma.com |
| developers.payfirma.com |
| www.facebook.com |
| twitter.com |
| www.linkedin.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.payfirma.com DigiCert SHA2 Secure Server CA |
2019-09-09 - 2021-12-10 |
2 years | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-12-28 - 2021-05-07 |
4 months | crt.sh |
| www.googleadservices.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.hotjar.com Amazon |
2020-12-25 - 2022-01-23 |
a year | crt.sh |
| *.googleadservices.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
| www.bing.com Microsoft RSA TLS CA 02 |
2020-10-27 - 2021-04-27 |
6 months | crt.sh |
| www.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| www.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| a248.e.akamai.net DigiCert Secure Site ECC CA-1 |
2020-07-15 - 2021-09-13 |
a year | crt.sh |
| *.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.adroll.com DigiCert SHA2 Secure Server CA |
2020-01-29 - 2021-04-29 |
a year | crt.sh |
| *.hotjar.io Amazon |
2020-09-15 - 2021-10-15 |
a year | crt.sh |
| adroll.mgr.consensu.org Amazon |
2020-10-08 - 2021-11-07 |
a year | crt.sh |
| *.wistia.com Amazon |
2020-04-30 - 2021-05-30 |
a year | crt.sh |
| ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2020-10-24 - 2021-04-20 |
6 months | crt.sh |
| san.casalemedia.com GeoTrust RSA CA 2018 |
2020-03-02 - 2021-04-01 |
a year | crt.sh |
| *.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-18 - 2022-01-18 |
a year | crt.sh |
| *.outbrain.com Thawte RSA CA 2018 |
2019-10-29 - 2021-11-23 |
2 years | crt.sh |
| *.pubmatic.com Sectigo RSA Organization Validation Secure Server CA |
2019-02-22 - 2021-02-21 |
2 years | crt.sh |
| *.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2020-11-25 - 2021-12-26 |
a year | crt.sh |
| *.3lift.com Amazon |
2020-07-04 - 2021-08-05 |
a year | crt.sh |
| *.bidswitch.net Sectigo RSA Domain Validation Secure Server CA |
2020-04-23 - 2022-05-04 |
2 years | crt.sh |
| *.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
| *.openx.net GeoTrust RSA CA 2018 |
2020-06-18 - 2021-08-17 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.payfirma.com/
Frame ID: 138675E8381EB37832B73DD26B909961
Requests: 101 HTTP requests in this frame
Frame:
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 7F0FD01D52AE99A76DA71374C3BA2C1B
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 3E72F67E102E08B92D936BAAF605A213
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www2.payfirma.com/
HTTP 302
http://www.payfirma.com/ HTTP 301
https://www.payfirma.com/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
CloudFlare
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^cloudflare$/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
URL: https://merrco.ca/
Search URL Search Domain Scan URL
URL: https://support.payfirma.com/
Title: Support
Title: Support
Search URL Search Domain Scan URL
URL: https://hq.payfirma.com/
Title: Log in  >
Title: Log in  >
Search URL Search Domain Scan URL
URL: https://developers.payfirma.com/
Title:
Title:
Search URL Search Domain Scan URL
URL: http://developers.payfirma.com/
Title: Developer Center
Title: Developer Center
Search URL Search Domain Scan URL
URL: https://www.facebook.com/payfirma
Search URL Search Domain Scan URL
URL: https://twitter.com/Payfirma
Search URL Search Domain Scan URL
URL: http://www.linkedin.com/company/payfirma-corporation
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www2.payfirma.com/
HTTP 302
http://www.payfirma.com/ HTTP 301
https://www.payfirma.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 80- https://s.adroll.com/j/exp/LFZ52RPCCRF3NFITZH366O/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/LFZ52RPCCRF3NFITZH366O?_s=7e5935fdb052ec1d6b72119d41052fcf&_b=2 HTTP 302
- https://d.adroll.com/consent/check/LFZ52RPCCRF3NFITZH366O/?_s=7e5935fdb052ec1d6b72119d41052fcf&_b=2
- https://d.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&pv=71516972422.45732&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/7DMKJ5AWLRH7JBJAJZVIIP.js
- https://d.adroll.com/cm/aol/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://pixel.advertising.com/ups/55980/sync?uid=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP13a8776d-5977-11eb-803f-02655b7f774a
- https://d.adroll.com/cm/index/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&expiration=1642501352 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&expiration=1642501352&C=1
- https://d.adroll.com/cm/n/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&expires=365
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&rdrctExp=true
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/taboola/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/b/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM
- https://d.adroll.com/cm/x/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=YjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYjM0MzdiYjAyNmQ4MDYxYTgzNjAzYzYwY2Q1YTI5MjM
- https://d.adroll.com/cm/l/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=b3437bb026d8061a83603c60cd5a2923
- https://d.adroll.com/cm/o/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=b3437bb026d8061a83603c60cd5a2923 HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=b3437bb026d8061a83603c60cd5a2923
- https://d.adroll.com/cm/g/out?adroll_fpc=70ae2605cf639cc0be54b021bb5d38ab-1610965352536&arrfrr=https%3A%2F%2Fwww.payfirma.com%2F&xid_ch=f&advertisable=LFZ52RPCCRF3NFITZH366O&google_nid=adroll4 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=s0N7sCbYBhqDYDxgzVopIw HTTP 302
- https://d.adroll.com/cm/g/in
102 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.payfirma.com/ Redirect Chain
|
41 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
8 KB 877 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
www.payfirma.com/wp-includes/css/dist/block-library/ |
53 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ctt-module-design.css
www.payfirma.com/wp-content/plugins/click-to-tweet/css/ |
38 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
www.payfirma.com/wp-content/themes/payfirma/dist/styles/ |
331 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom.css
www.payfirma.com/wp-content/themes/payfirma/dist/styles/ |
2 KB 901 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.js
www.payfirma.com/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.js
www.payfirma.com/wp-content/themes/payfirma/dist/scripts/ |
261 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
temporary-new.css
www.payfirma.com/wp-content/themes/payfirma/dist/styles/ |
1 KB 540 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma-logo.svg
www.payfirma.com/wp-content/themes/payfirma/dist/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
merrco-logo.svg
www.payfirma.com/wp-content/themes/payfirma/dist/images/ |
1 KB 876 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zgcnyviwph.jsonp
fast.wistia.com/embed/medias/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
E-v1.js
fast.wistia.com/assets/external/ |
662 KB 120 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swatch
fast.wistia.com/embed/medias/zgcnyviwph/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
visa-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mastercard-icon-1.png
www.payfirma.com/wp-content/uploads/2017/01/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
american-express-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
discover-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
interac-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apple-pay-icon-1.png
www.payfirma.com/wp-content/uploads/2014/11/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma_fti_ecommerce.png
www.payfirma.com/wp-content/uploads/2016/05/ |
89 KB 90 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma_fti_invoice.png
www.payfirma.com/wp-content/uploads/2016/05/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma-fti-mobile-payments.png
www.payfirma.com/wp-content/uploads/2016/05/ |
85 KB 85 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma_fti_recurring.png
www.payfirma.com/wp-content/uploads/2016/05/ |
39 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AP20-Face-Payfirma-Branding.png
www.payfirma.com/wp-content/uploads/2020/03/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma_fti_web.png
www.payfirma.com/wp-content/uploads/2016/05/ |
38 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma_fti_integrations.png
www.payfirma.com/wp-content/uploads/2016/08/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma-integrations-hero.png
www.payfirma.com/wp-content/uploads/2016/08/ |
169 KB 169 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
email-decode.min.js
www.payfirma.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 869 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion.js
www.googleadservices.com/pagead/ |
30 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ctt-script.js
www.payfirma.com/wp-content/plugins/click-to-tweet/js/ |
14 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-embed.min.js
www.payfirma.com/wp-includes/js/ |
1 KB 931 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
www.payfirma.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
css
fonts.googleapis.com/ |
21 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
css
fonts.googleapis.com/ |
8 KB 640 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
css
fonts.googleapis.com/ |
7 KB 620 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
css
fonts.googleapis.com/ |
3 KB 609 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
css
fonts.googleapis.com/ |
5 KB 647 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
css
fonts.googleapis.com/ |
723 B 348 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
css
fonts.googleapis.com/ |
20 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
110 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma.woff
www.payfirma.com/wp-content/themes/payfirma/dist/fonts/ |
11 KB 11 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Payfirma_ebook_integration_fti-600x400.jpg
www.payfirma.com/wp-content/uploads/2018/02/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Payfirma_ebook_integration_fti-600x400.jpg
www.payfirma.com/wp-content/uploads/2017/06/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payfirma_whitepaper_2017theyearahed_fti-600x400.jpg
www.payfirma.com/wp-content/uploads/2017/01/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066247511/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel
bid.g.doubleclick.net/xbbe/ Frame 7F0F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hotjar-96481.js
static.hotjar.com/c/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
conversion_async.js
www.googleadservices.com/pagead/ |
30 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
90 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
27 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/1066247511/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/1066247511/ |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 2 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ad34fd74a803c9b9e1740156246595af3a7915e7.webp
embedwistia-a.akamaihd.net/deliveries/ |
27 KB 28 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wistiaLogo.js
fast.wistia.com/assets/external/ |
38 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 86 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1885838494974542
connect.facebook.net/signals/config/ |
27 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modules.3123a148abe4a1b966d0.js
script.hotjar.com/ |
222 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066247511/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/952234304/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 3E72 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/952234304/ |
42 B 302 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/952234304/ |
42 B 530 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/1066247511/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/1066247511/ |
42 B 66 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
playPauseLoadingControl.js
fast.wistia.com/assets/external/ |
52 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
40 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hls_video.js
fast.wistia.com/assets/external/engines/ |
303 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/96481/ |
152 B 305 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
96481
vc.hotjar.io/sessions/ |
0 256 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
blank.gif
fast.wistia.com/assets/images/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
27971d8b3bc4852a4b0672a46d65d265ba4c302a.m3u8
embedwistia-a.akamaihd.net/deliveries/ |
4 KB 4 KB |
XHR
application/vnd.apple.mpegurl |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 747 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/pre/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/ |
0 773 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
d.adroll.com/consent/check/LFZ52RPCCRF3NFITZH366O/ Redirect Chain
|
393 B 860 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
x
distillery.wistia.com/ |
0 96 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7DMKJ5AWLRH7JBJAJZVIIP.js
s.adroll.com/pixel/LFZ52RPCCRF3NFITZH366O/KBEOT3IXI5AZDPZAHIS2Z6/ Redirect Chain
|
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
mput
pipedream.wistia.com/ |
2 B 136 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
761212920617345
connect.facebook.net/signals/config/ |
241 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
ups.analytics.yahoo.com/ups/55980/ Redirect Chain
|
0 964 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
42 B 798 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Redirect Chain
|
0 477 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Pug
simage2.pubmatic.com/AdServer/ Redirect Chain
|
1 B 1010 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
in
d.adroll.com/cm/r/ Redirect Chain
|
42 B 499 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rtb-h
sync.taboola.com/sg/adroll-network/1/ Redirect Chain
|
0 220 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xuid
eb2.3lift.com/ Redirect Chain
|
37 B 352 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 344 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
377928.gif
idsync.rlcdn.com/ Redirect Chain
|
0 66 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 180 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 536 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
seg-1-v1-a1.ts
embedwistia-a.akamaihd.net/deliveries/27971d8b3bc4852a4b0672a46d65d265ba4c302a.m3u8/ |
91 KB 92 KB |
XHR
video/mp2t |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
193 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| wpAjax object| _gsScope function| set_parallax_steps_content_height function| reset_resource_tile_height function| initialize_marketo_form function| getParameterByName function| getFormCookieParam object| scrollMagicController object| jQuery112409229929387079419 object| classie object| eventie function| EventEmitter function| matchesSelector function| getStyleProperty function| Unipointer function| Unidragger object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| ScrollMagic function| lity function| Cookies function| Waypoint function| docReady object| fizzyUIUtils function| getSize function| TapListener function| Flickity function| imagesLoaded function| sgAddEvent object| SG_POPUPS_QUEUE object| SG_POPUP_DATA string| SG_APP_POPUP_URL string| SG_POPUP_VERSION object| dataLayer string| adroll_adv_id string| adroll_pix_id object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| hj object| _hjSettings function| save_template_setting function| save_auth_box_setting function| save_image_box_setting function| save_hind_box_setting function| ctt_tweet_settings object| wp object| wistiajsonp-/embed/medias/zgcnyviwph.jsonp object| google_tag_manager function| postscribe object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| uetq object| twemoji object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| UET function| google_trackConversion object| GooglebQhCsO boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .payfirma.com/ | Name: _hjid Value: 4e2b6c64-8aa7-459c-a30a-b91107f8b378 |
|
| .payfirma.com/ | Name: _fbp Value: fb.1.1610965351936.8173967 |
|
| .payfirma.com/ | Name: _uetsid Value: 12f4ba40597711ebbbee9324bfce9826 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUn5DFEcvJyiSkK-AU4uSMm50TASQBptD9eMmGYXVxoMu_PVqAvOMSW5CtCf |
|
| .payfirma.com/ | Name: _dc_gtm_UA-19493967-1 Value: 1 |
|
| .payfirma.com/ | Name: _hjFirstSeen Value: 1 |
|
| .payfirma.com/ | Name: _ga Value: GA1.2.1841851845.1610965352 |
|
| .payfirma.com/ | Name: _hjTLDTest Value: 1 |
|
| .payfirma.com/ | Name: _uetvid Value: 12f501f0597711eb978175c852ab0f15 |
|
| .payfirma.com/ | Name: _gid Value: GA1.2.7108123.1610965352 |
|
| .payfirma.com/ | Name: __cfduid Value: d5acadef7663ae9eb69b2e40ab4bf71ac1610965351 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Public-Key-Pins | pin-sha256="K2ca9amveIqbXXWk3J+28V75lG6EFD2pRWKs1bm0tlQ="; max-age=5184000; includeSubDomains; report-uri="https://www.example.org/hpkp-report" |
| Strict-Transport-Security | max-age=2592000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.yahoo.com
bat.bing.com
bid.g.doubleclick.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
distillery.wistia.com
dsum-sec.casalemedia.com
eb2.3lift.com
embedwistia-a.akamaihd.net
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
pipedream.wistia.com
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
script.hotjar.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.payfirma.com
www2.payfirma.com
x.bidswitch.net
104.76.200.122
104.76.200.247
13.224.194.119
13.224.194.18
13.224.194.79
13.225.80.89
141.226.228.48
172.217.18.98
18.158.221.94
18.158.81.184
185.33.220.243
185.64.190.80
2.16.186.18
2606:4700:10::6814:73d
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:802::200a
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:815::200e
2a00:1450:4001:816::2008
2a00:1450:4001:81d::2002
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::622
3.124.119.192
3.126.56.137
34.120.207.148
34.205.237.238
34.254.169.151
34.98.64.218
35.174.78.146
52.0.1.164
52.51.23.49
69.173.144.139
70.42.32.31
74.125.206.157
02761c609397a6ba3c0d8a4e7ce7ef3ca2235c8efc60c61bc89a7436fcd21efd
0321299693dbe1e2eb1574865a2bd22ddd0381d132e436d01ccc0007b6121ffa
05cb4002e73d59b4ce5b702068f39413e152eee56f100c733892cf13d012129c
0760449cf607277e85c0b2f456cc04da73515bf4bf85832a66e24faeffe7676b
0b4b88697888cdeb1ffc780ba2a154cf803363afd07a2a89ee3371192c0a758a
0f474f6b821b4581b1e3cb9a27cd3d03e2aaf6444be77ed7f1838360ef2db4fd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1678dbfa1acaf623177ec3565f29bab94c07019f1843af1322e3f457ec39fc73
19eb90a7f2c16a63cf2a83cd3e4c895c16b6d47d8628fb4dfca640419e66ae45
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f1b5ed79b56b8a9d2bdabaa337871f680484cc0429fa73a1ac01f70573b6521
2393f93c7fb70f340d981366adccee7b61da91c3fbce463f128b31b94659657c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
266f8de801a2ffb6891598841c0a110e8e72f7573d9f7e52aaca93894ddc82c4
2b84f7f28c3ba7b7322a0e2d7635cc5fc34530d603495f7ed32a0a58fbfa85b7
31e6abcb2cc8e50e029d436ce905f5c73bc4caaa3d95ad87d4b221e26b2ea3f3
3288fa0a59cd2b0516e638806773f2eb2ff36be2cdbdd4a7425fb855aec5bad4
35f3be65007e46757364a5f1db65992b7250282a5334b84ddd91c0b20e4dc77b
3901fb12d29c314def656cf1f779ac52b3d21f1179d454130f087450b9ec9df0
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c032738c0bb57f74ab3b01bd79843b07f3d18da5cd8aad800ed00e458e23f62
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecf2743ef822dcd381643f2645c7f7de34273766f69547bdcf49b9c7b3bfa31
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5ea459fd464d7c62ac36c16a770772e364c685ad82f94d09c02ca5b989b08a97
60db601a86118a36bbfcb22e058252aae16252c757e36b7027ce2cf689b0dfa7
63796d683841c242bdd76d2c118f3b1a78516d5e2c4f94ce47c41141d7c89286
6458a9cb776a7aa09e42571c05119aae130668f8921e728836d35a0b3421eb17
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7b6e6bdce3879a5f1b62406f2b16404a9edeabfb685d601dce678eb2ff29a1b1
7d0dcf7a02a336ebbfdbfa1f09be1804951abe6368e9d6443201628574a111f7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
894c56361b7b1b5ccca175b91a0e8da14a579c283991ce2a56258e4900a27e32
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8cb8a74b801a51ff3583a349e61640557f5922929c12c2d75c71a28cc4a5b360
8d79abd9e2efb13d4d85a891904f5604dccab8a6143796097fd1f58b65643841
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
90fb2f5f47284fb9f0acd6ad0ccf68d6872aeb0888e51df065ffc70accebd35d
939f0d4b0cef8ef02116b8c35fb0cfb66dba982b95d1379b0c6337e545b0a5f3
951a46f57bbcd40e1af08b7f7a6d4099abfc7e2934be2393540543a5f8a316c7
952601684d33c423bf905a8382dcf436a1de66e118d6f51e21a6e4c0851d9826
960e81c4139ebec9f528daca9146f7260aa913ed802cf6a233c4b3ebda3c9856
9d37b252a43bb8921694deaa7427fffe15965fa3e6c0805e39ae7dec67d68526
9eab2d6ead8848dc7c70819310d0265b83d89482c10a52fca0c388df0f419c71
a228975fd9db8c8d80d94fc77eadf7d6543e86972d41b2f5b6470179391f055c
a3aae17ee5665d65900cd61d31b63a609adfa1ed6d75faebfdb009520afb52cd
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
af5fd77da418c35a835bc78af12efb4a6b6b967550c1fd51461d0eceab9483d0
aff1a1de5eb5733c6230394354493e75039656f7c9d14028ca249b501faea57b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b557684df0ea0c6d9cefce5735d183a031ba4644e61be1951dc3d329506f9637
b6775a945b24a75a127b00fdd9105f3fd421d4c1d7c0276246cfe3a895a79dd2
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc936c3c34f04db648c2654d796e5fad4ccded4e624436ecf0a819c58cb3da54
bfa7313ee8ae084b765423383e4de6f05127357aaa559b4fc89f94a7a5d48b02
c07d84961c4264d6006f8fe77f11f1821b57d7f57ecaae6101c36e8ee230d997
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a
c332ab9057c677dd761e3baaae4bc366ffb5ccf6beb178abc1e92743eee7df2f
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
d060cce869d13af50778023f0997b90d5512a0b80903342f1df0abeb926725ea
ddd0bbc81a9ca75885b98cca2384cb6fbd3a39156b7fe16a1dc2c884e0badb70
e010909741f1b40febcabbf48ec75aabbf4f6abad47e64afe30e9fa55e6ef105
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e484bb7f42dbd8751008f444044cbcfd5e3a44cded7e9bfb6cdf59c2c720133e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a3e4f403d70d912e781a3b5657641678e78efde23ee003fd45cd0ec6c43ac
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6390b30d5e1744dc060e6524f101a94eb7d74a3cac17281190cad405e210c52
f7e0df6d6857d960c133851e5fa2f400bb71fe4928ce302bd0de0db362335e54
fb279fda0876f502b617739afc25d8e257be2ebadbf050f82df86a467a06bdc1
fcac65043062317836c5c7e41284e94fa56ac984edcb073755196a62c91e08c9
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
ff13e8821a0f127004e7a640927828a3f9883a52601baea23c1f755d2a0bec5c