Submitted URL: http://overtimeguide.com/simulation
Effective URL: https://overtimeguide.com/simulation/
Submission: On November 18 via api from US — Scanned from JP

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 49 HTTP transactions. The main IP is 219.94.128.231, located in Hiyoshi, Japan and belongs to SAKURA-C SAKURA Internet Inc., JP. The main domain is overtimeguide.com.
TLS certificate: Issued by R10 on October 13th 2024. Valid for: 3 months.
This is the only time overtimeguide.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 35 219.94.128.231 9371 (SAKURA-C ...)
4 2404:6800:400... 15169 (GOOGLE)
3 31.13.82.7 32934 (FACEBOOK)
4 31.13.82.36 32934 (FACEBOOK)
2 2404:6800:400... 15169 (GOOGLE)
1 142.250.207.14 15169 (GOOGLE)
2 142.250.199.100 15169 (GOOGLE)
1 142.250.199.98 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 142.250.198.3 15169 (GOOGLE)
49 10
Requests | Apex Domain | Subdomains | Transfer
35 | overtimeguide.com | overtimeguide.com | 83 KB
4 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 120 | 420 B
4 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 271 KB
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36 | 22 KB
3 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 192 | 78 KB
2 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 43; td.doubleclick.net — Cisco Umbrella Rank: 182 | 2 KB
2 | google.com | www.google.com — Cisco Umbrella Rank: 3 | 64 B
1 | google.co.jp | www.google.co.jp — Cisco Umbrella Rank: 25693 | 64 B
Total: 49 requests across 8 domains
Requests | Domain | Requested by
35 | overtimeguide.com (5 redirects) | overtimeguide.com
4 | www.facebook.com | overtimeguide.com
4 | www.googletagmanager.com | overtimeguide.com, www.googletagmanager.com
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
3 | connect.facebook.net | overtimeguide.com, connect.facebook.net
2 | www.google.com | www.googletagmanager.com, overtimeguide.com
1 | www.google.co.jp | overtimeguide.com
1 | td.doubleclick.net | www.googletagmanager.com
1 | googleads.g.doubleclick.net | www.googletagmanager.com
Total: 49 requests across 9 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
overtimeguide.com | R10 | 2024-10-13 - 2025-01-11 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-08-27 - 2024-11-25 | 3 months
*.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google.co.jp | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 3 frames:

Primary Page: https://overtimeguide.com/simulation/
Frame ID: 8697ABF99083DF78DC2C04674411F835
Requests: 47 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/857991916?random=1731895342273&cv=11&fst=1731895342273&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0h1v9130190201za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&hn=www.googleadservices.com&frm=0&tiba=%E6%AE%8B%E6%A5%AD%E4%BB%A3%E3%83%81%E3%82%A7%E3%83%83%E3%82%AB%E3%83%BC%20%7C%20%E6%AE%8B%E6%A5%AD%E4%BB%A3%E8%AB%8B%E6%B1%82%E5%BC%81%E8%AD%B7%E5%A3%ABPRO&npa=0&pscdl=noapi&auid=1014969650.1731895342&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 98F1B890F09885EA0726DFAC596412F6
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fovertimeguide.com
Frame ID: E13064896E55F97EA145A4F8C4AAC930
Requests: 1 HTTP requests in this frame

Page Title

残業代チェッカー | 残業代請求弁護士PRO

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 49
HTTPS: 96 %
IPv6: 30 %
Domains: 8
Subdomains: 9
IPs: 10
Countries: 3
Transfer: 456 kB
Size: 1272 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://overtimeguide.com/simulation HTTP 307
    https://overtimeguide.com/simulation HTTP 301
    https://overtimeguide.com/simulation/ HTTP 307
    http://overtimeguide.com/simulation HTTP 302
    https://overtimeguide.com/simulation HTTP 301
    https://overtimeguide.com/simulation/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://overtimeguide.com/wp-content/themes/overtime/imgs/common/header_bg.gif HTTP 301
  • https://overtimeguide.com/
Request Chain 26
  • https://overtimeguide.com/wp-content/themes/overtime/imgs/common/container_bg.png HTTP 301
  • https://overtimeguide.com/

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
overtimeguide.com/simulation/
Redirect Chain
  • http://overtimeguide.com/simulation
  • https://overtimeguide.com/simulation
  • https://overtimeguide.com/simulation/
  • http://overtimeguide.com/simulation
  • https://overtimeguide.com/simulation
  • https://overtimeguide.com/simulation/
22 KB
6 KB
Document
General
Full URL
https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
fa0ef9a469769bccea5bb1170ff100ebc927b4a5fb4ebc9b2ca6575003af63ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
5916
content-type
text/html; charset=UTF-8
date
Mon, 18 Nov 2024 02:02:21 GMT
link
<https://overtimeguide.com/wp-json/>; rel="https://api.w.org/", <https://overtimeguide.com/wp-json/wp/v2/pages/301>; rel="alternate"; type="application/json", <https://overtimeguide.com/?p=301>; rel=shortlink
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 18 Nov 2024 02:02:19 GMT
location
https://overtimeguide.com/simulation/
server
nginx
x-redirect-by
WordPress
classic-themes.min.css
overtimeguide.com/wp-includes/css/
291 B
390 B
Stylesheet
General
Full URL
https://overtimeguide.com/wp-includes/css/classic-themes.min.css?ver=011eb19d2288293379d31bf9ec020008
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

content-encoding
gzip
etag
"123-5f4937262ca00-gzip"
accept-ranges
bytes
content-length
210
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
text/css
last-modified
Mon, 13 Feb 2023 11:50:00 GMT
server
nginx
vary
Accept-Encoding
pagenavi-css.css
overtimeguide.com/wp-content/plugins/wp-pagenavi/
374 B
419 B
Stylesheet
General
Full URL
https://overtimeguide.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

content-encoding
gzip
etag
"176-483ee7ed22900-gzip"
accept-ranges
bytes
content-length
239
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
text/css
last-modified
Sun, 11 Apr 2010 04:31:00 GMT
server
nginx
vary
Accept-Encoding
base.css
overtimeguide.com/wp-content/themes/overtime/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/css/base.css
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
f60f2d463c02fcc6af69a3bb884c8ef00bc5daf01a85670fd562d281050c2aad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

content-encoding
gzip
etag
"37ce-5b526bc887f00-gzip"
accept-ranges
bytes
content-length
2541
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
text/css
last-modified
Sat, 28 Nov 2020 08:41:00 GMT
server
nginx
vary
Accept-Encoding
contact.css
overtimeguide.com/wp-content/themes/overtime/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/css/contact.css
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
7af889af183d60c00a065a19c68f987558d55bf7964021e38b91b0ea38e96bc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

content-encoding
gzip
etag
"ba6-5a51fab4be400-gzip"
accept-ranges
bytes
content-length
876
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
text/css
last-modified
Fri, 08 May 2020 09:32:00 GMT
server
nginx
vary
Accept-Encoding
style.css
overtimeguide.com/wp-content/themes/overtime/
0
121 B
Stylesheet
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/style.css
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"0-4fd05f55cb500"
content-type
text/css
last-modified
Mon, 30 Jun 2014 04:19:00 GMT
server
nginx
scrollsmoothly.js
overtimeguide.com/wp-content/themes/overtime/js/
5 KB
2 KB
Script
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/js/scrollsmoothly.js
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
5a87dfd2f44983d065c748027617bf1fd03d928de6e8fd21f07fe862481da4d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

content-encoding
gzip
etag
"14fb-4cd56fcdbfe00-gzip"
accept-ranges
bytes
content-length
2077
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
application/javascript
last-modified
Wed, 31 Oct 2012 08:50:00 GMT
server
nginx
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
223 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-163607726-1
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd47e55805766d5b19cb8144f8fbb9d037105d56be4e7a4b04cd97ad3fa2844c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 02:02:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81452
x-xss-protection
0
server
Google Tag Manager
logo.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
18 KB
18 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/logo.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
9597761b6729728a3f178fa4b72a1a3113e41895f31d3fe97e8cde1cb81b73b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
18457
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"4819-5b1b1fc133c00"
content-type
image/png
last-modified
Thu, 15 Oct 2020 09:08:00 GMT
server
nginx
header_name.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
5 KB
5 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/header_name.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
e65d9bf6c844b8bd599f2355974d235a2732e808ed5ece637c0ad48b1cd6d9e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
5327
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"14cf-557d93b6be600"
content-type
image/png
last-modified
Tue, 29 Aug 2017 00:10:00 GMT
server
nginx
header_phone.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
6 KB
7 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/header_phone.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
1bc20e4a3b89b16afeeed47ae002adf4eace023f8935babf022936c408cf8881

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
6526
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"197e-61b23fd2a06dc"
content-type
image/png
last-modified
Tue, 18 Jun 2024 06:14:05 GMT
server
nginx
gnavi6_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
2 KB
2 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/gnavi6_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
4dc408beeebe516eabf139f3439369a991bc06489003460b5e3cf71e3db2c9ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
1982
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"7be-557d93444d800"
content-type
image/png
last-modified
Tue, 29 Aug 2017 00:08:00 GMT
server
nginx
gnavi1_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
2 KB
2 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/gnavi1_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
cdb9818ac38ba6c3e0a6db4b42e69b3cb3c7a2e43be983dd7dab86b820753099

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
2179
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"883-5b503fe53fe00"
content-type
image/png
last-modified
Thu, 26 Nov 2020 15:14:00 GMT
server
nginx
gnavi2_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
1 KB
2 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/gnavi2_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
70d76bdee3a4e6a600ee7965acb5e9b8f480d273c1b08d4382c64fc7ffecd29d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
1480
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"5c8-5bc008d49d000"
content-type
image/png
last-modified
Tue, 23 Feb 2021 13:04:00 GMT
server
nginx
gnavi7_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
1 KB
1 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/gnavi7_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
86a5a90163f2d9cb834ebc87e9d7af3aefe53d88810c166b0aa0f8c6b6d1cf6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
1249
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"4e1-5bc008d49d000"
content-type
image/png
last-modified
Tue, 23 Feb 2021 13:04:00 GMT
server
nginx
gnavi3_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
1 KB
1 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/gnavi3_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
e008d56a7e147c45459b6a8b4a78b24c13a2205f792b0d58a8c9fa455ccad6e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
1055
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"41f-5b1b4c3c12d00"
content-type
image/png
last-modified
Thu, 15 Oct 2020 12:27:00 GMT
server
nginx
gnavi4_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
1 KB
1 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/gnavi4_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
516e2c3b128789c555898f514b9937a8202ff89fa8a6f3c3fe13b0f16e2bf18a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
1169
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"491-5b1b451504d00"
content-type
image/png
last-modified
Thu, 15 Oct 2020 11:55:00 GMT
server
nginx
gnavi5_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
3 KB
3 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/gnavi5_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
7bc7f634860719b12cdcc13bb0484c7824311cec93195cb0a6645c7da9237df4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
2792
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"ae8-5b1b4c02da600"
content-type
image/png
last-modified
Thu, 15 Oct 2020 12:26:00 GMT
server
nginx
gnavi8_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
1 KB
1 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/gnavi8_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
d3a392f3b80d3d3f3bc0f5abc9a8c182e2e577172774fb1570c4a4c6ec0254ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
1128
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"468-5b50433f8e700"
content-type
image/png
last-modified
Thu, 26 Nov 2020 15:29:00 GMT
server
nginx
confirm_btn_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/contact/
1 KB
1 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/contact/confirm_btn_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
b0dc18203f73b356f07fc18181a4776abb7af1c5cf7798c8e3457dafc58853b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
1364
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"554-557d4bbdc1800"
content-type
image/png
last-modified
Mon, 28 Aug 2017 18:48:00 GMT
server
nginx
pageup_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
434 B
577 B
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/pageup_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
0cbc187874244e38618cb4212d59ae7fc8728d61ee1041a505d5e4717d0b38a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
434
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"1b2-557d94d4d8900"
content-type
image/png
last-modified
Tue, 29 Aug 2017 00:15:00 GMT
server
nginx
footer_phone.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
7 KB
7 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/footer_phone.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
20c4b9e4c887ac0ee4463b4ea536614ef7224bb709e970a6e06767249e630b55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
7533
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"1d6d-61b2497f89df8"
content-type
image/png
last-modified
Tue, 18 Jun 2024 06:57:22 GMT
server
nginx
footer_mail_off.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
2 KB
2 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/footer_mail_off.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
a9367cf6fb0340238c9d2a868546de6dbcb4d133de7eba69be6cb7fd3657036e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
2291
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"8f3-557d93444d800"
content-type
image/png
last-modified
Tue, 29 Aug 2017 00:08:00 GMT
server
nginx
footer_name.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
2 KB
2 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/footer_name.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
0d3c94586bee408b77829d04afa9c9e99c284d6f44822e81bec3e77771de1632

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
2092
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"82c-557d93444d800"
content-type
image/png
last-modified
Tue, 29 Aug 2017 00:08:00 GMT
server
nginx
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-tmAWpMpG' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-tmAWpMpG' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4444, tp=9, tpl=0, uplat=4, ullat=-1
pragma
public
x-fb-debug
zNU5CE4smxSDnCLPQoeZGrZ6KHIY/OIGqjqAmeh+xyinnQ1wAH9Y2pSWT/xSXbKxfatYS//ico3Nzg7hQUR/mw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
bg.gif
overtimeguide.com/wp-content/themes/overtime/imgs/common/
2 KB
2 KB
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/bg.gif
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/wp-content/themes/overtime/css/base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
2cde08e0351a889129d37ca5561e30652333a2ea53dd703f9736003b72179427

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/wp-content/themes/overtime/css/base.css

Response headers

accept-ranges
bytes
content-length
1560
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"618-4fd05f55cb500"
content-type
image/gif
last-modified
Mon, 30 Jun 2014 04:19:00 GMT
server
nginx
/
overtimeguide.com/
Redirect Chain
  • https://overtimeguide.com/wp-content/themes/overtime/imgs/common/header_bg.gif
  • https://overtimeguide.com/
3 KB
3 KB
Image
General
Full URL
https://overtimeguide.com/
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/wp-content/themes/overtime/css/base.css
Protocol
H2
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/wp-content/themes/overtime/css/base.css

Response headers

link
<https://overtimeguide.com/wp-json/>; rel="https://api.w.org/", <https://overtimeguide.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://overtimeguide.com/>; rel=shortlink
content-length
11591
content-encoding
gzip
date
Mon, 18 Nov 2024 02:02:24 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx

Redirect headers

expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
location
https://overtimeguide.com
content-length
0
date
Mon, 18 Nov 2024 02:02:22 GMT
content-type
text/html; charset=UTF-8
server
nginx
/
overtimeguide.com/
Redirect Chain
  • https://overtimeguide.com/wp-content/themes/overtime/imgs/common/container_bg.png
  • https://overtimeguide.com/
3 KB
3 KB
Image
General
Full URL
https://overtimeguide.com/
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/wp-content/themes/overtime/css/base.css
Protocol
H2
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/wp-content/themes/overtime/css/base.css

Response headers

link
<https://overtimeguide.com/wp-json/>; rel="https://api.w.org/", <https://overtimeguide.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://overtimeguide.com/>; rel=shortlink
content-length
11591
content-encoding
gzip
date
Mon, 18 Nov 2024 02:02:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx

Redirect headers

expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
location
https://overtimeguide.com
content-length
0
date
Mon, 18 Nov 2024 02:02:22 GMT
content-type
text/html; charset=UTF-8
server
nginx
home_icon.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
556 B
699 B
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/home_icon.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/wp-content/themes/overtime/css/base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
8ea1ae818a02c6cbe4a1799535bab39674b89c9a48a2c104e190fa4a7e35db6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/wp-content/themes/overtime/css/base.css

Response headers

accept-ranges
bytes
content-length
556
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"22c-557d93b6be600"
content-type
image/png
last-modified
Tue, 29 Aug 2017 00:10:00 GMT
server
nginx
title_bg.png
overtimeguide.com/wp-content/themes/overtime/imgs/contact/
399 B
542 B
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/contact/title_bg.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/wp-content/themes/overtime/css/contact.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
ee0cd068b26a7b1056094d4c24644ef12dd2d01eb308c914217261b3aa7e5dd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/wp-content/themes/overtime/css/contact.css

Response headers

accept-ranges
bytes
content-length
399
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"18f-557d4bbdc1800"
content-type
image/png
last-modified
Mon, 28 Aug 2017 18:48:00 GMT
server
nginx
footer_list_icon.png
overtimeguide.com/wp-content/themes/overtime/imgs/common/
82 B
224 B
Image
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/imgs/common/footer_list_icon.png
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/wp-content/themes/overtime/css/base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
ab439f867e71610a643985f9f3066e2dc4d9a5cd5f48442dfcdd3b03ad6a2e40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/wp-content/themes/overtime/css/base.css

Response headers

accept-ranges
bytes
content-length
82
date
Mon, 18 Nov 2024 02:02:21 GMT
etag
"52-557d93444d800"
content-type
image/png
last-modified
Tue, 29 Aug 2017 00:08:00 GMT
server
nginx
1171368486644140
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1171368486644140?v=2.9.177&r=stable&domain=overtimeguide.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
e922354e9c127e54e21933b1aada4eba90cd4dccd0860053d10e8f0454e7ab67
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-IcQEfDcx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-IcQEfDcx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=71, mss=1232, tbw=70968, tp=67, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
rZwawTJrpbq3fjFPiM3gwohVXjo8A7wQgjGd/HK+53S1FcVHS222Zsdrhnb8mPb04kP2PYwPiDyFWZR5vCXMyQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14048
x-xss-protection
0
origin-agent-cluster
?1
1204201163332717
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1204201163332717?v=2.9.177&r=stable&domain=overtimeguide.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C234%2C116%2C127%2C235%2C165%2C119%2C237%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
db269e49f0c34f8960f0517ee0a2db5edb7a0d75809d864d785dd860e2f9871e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-EihDIts4' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 02:02:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-EihDIts4' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=83, mss=1232, tbw=86118, tp=83, tpl=0, uplat=208, ullat=0
pragma
public
x-fb-debug
v1W1iT3XIiPcma2h8ws4K2PtVDYaFutEVTHrrNnjUxI+v/+ROSXw014PfYPahg8vUQL1JNKXmiU2rDv4wtyhzA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1171368486644140&ev=PageView&dl=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&rl=&if=false&ts=1731895341887&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731895341886.827487392857431476&ler=empty&cdl=API_unavailable&it=1731895341855&coo=false&rqm=GET
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4459, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1171368486644140&ev=PageView&dl=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&rl=&if=false&ts=1731895341887&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731895341886.827487392857431476&ler=empty&cdl=API_unavailable&it=1731895341855&coo=false&rqm=FGET
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438433851534880066"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 02:02:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
bi2ZxSSAKY0eounnG+bArxCBqqXAsKqUaRKh6sJFMAAGIJTstD5b8gVoC9UFbcEG3gQE4U1ISnOSsj5mafe4fQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438433851534880066", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4827, tp=13, tpl=0, uplat=191, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/
266 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8Q7SHL9SDM&l=dataLayer&cx=c&gtm=457e4bc0h1za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163607726-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eaf5378584aac9c214f98cca3549545657a19a4d45aaf6dd2f6351af0351e380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 02:02:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 02:02:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96196
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163607726-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
gzip
age
4778
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 02:42:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 00:42:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/
282 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-857991916&l=dataLayer&cx=c&gtm=457e4bc0h1za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163607726-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a65e84a516dd23fc633e14854a5e00eae5a63f6038e82d918af78f714764067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 02:02:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 02:02:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99376
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/j/
1 B
420 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=75146260&t=pageview&_s=1&dl=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&ul=ja-jp&de=UTF-8&dt=%E6%AE%8B%E6%A5%AD%E4%BB%A3%E3%83%81%E3%82%A7%E3%83%83%E3%82%AB%E3%83%BC%20%7C%20%E6%AE%8B%E6%A5%AD%E4%BB%A3%E8%AB%8B%E6%B1%82%E5%BC%81%E8%AD%B7%E5%A3%ABPRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=478849084&gjid=963343171&cid=40404154.1731895342&tid=UA-163607726-1&_gid=201850330.1731895342&_r=1&gtm=457e4bc0h1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&jsscut=1&z=2115216828
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://overtimeguide.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 02:02:22 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://overtimeguide.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1204201163332717&ev=PageView&dl=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&rl=&if=false&ts=1731895342105&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731895341886.827487392857431476&ler=empty&cdl=API_unavailable&it=1731895341855&coo=false&rqm=GET
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=26, mss=1232, tbw=8203, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 18 Nov 2024 02:02:22 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
190 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1204201163332717&ev=PageView&dl=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&rl=&if=false&ts=1731895342105&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731895341886.827487392857431476&ler=empty&cdl=API_unavailable&it=1731895341855&coo=false&rqm=FGET
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438433854145656290"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 02:02:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
oGjALsLek4cyQeGis5tKs1MVfvNG7nlmbfOcOUHm5g5f/KinUjeCmjuAvAs1/39lztl4zQMUZu06yBQ4niGAdA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438433854145656290", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=26, mss=1232, tbw=8411, tp=21, tpl=0, uplat=413, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8Q7SHL9SDM&gtm=45je4bc0h1v9111330682za200&_p=1731895341809&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&cid=40404154.1731895342&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1731895342&sct=1&seg=0&dl=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&dt=%E6%AE%8B%E6%A5%AD%E4%BB%A3%E3%83%81%E3%82%A7%E3%83%83%E3%82%AB%E3%83%BC%20%7C%20%E6%AE%8B%E6%A5%AD%E4%BB%A3%E8%AB%8B%E6%B1%82%E5%BC%81%E8%AD%B7%E5%A3%ABPRO&en=page_view&_fv=1&_ss=1&tfd=4599
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8Q7SHL9SDM&l=dataLayer&cx=c&gtm=457e4bc0h1za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://overtimeguide.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 02:02:22 GMT
content-type
text/plain
server
Golfe2
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1366401584.1731895342&auid=1014969650.1731895342&npa=0&gtm=45be4bc0h1v9130190201za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&tft=1731895342278&tfd=4680&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-857991916&l=dataLayer&cx=c&gtm=457e4bc0h1za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/857991916/
6 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/857991916/?random=1731895342273&cv=11&fst=1731895342273&bg=ffffff&guid=ON&async=1&gtm=45be4bc0h1v9130190201za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&hn=www.googleadservices.com&frm=0&tiba=%E6%AE%8B%E6%A5%AD%E4%BB%A3%E3%83%81%E3%82%A7%E3%83%83%E3%82%AB%E3%83%BC%20%7C%20%E6%AE%8B%E6%A5%AD%E4%BB%A3%E8%AB%8B%E6%B1%82%E5%BC%81%E8%AD%B7%E5%A3%ABPRO&npa=0&pscdl=noapi&auid=1014969650.1731895342&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-857991916&l=dataLayer&cx=c&gtm=457e4bc0h1za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
324a25fa9228111cd54f873b190ad353c7e37f585fcd523681a916aa31e9ab6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2398
date
Mon, 18 Nov 2024 02:02:22 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
857991916
td.doubleclick.net/td/rul/ Frame 98F1
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/857991916?random=1731895342273&cv=11&fst=1731895342273&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0h1v9130190201za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&hn=www.googleadservices.com&frm=0&tiba=%E6%AE%8B%E6%A5%AD%E4%BB%A3%E3%83%81%E3%82%A7%E3%83%83%E3%82%AB%E3%83%BC%20%7C%20%E6%AE%8B%E6%A5%AD%E4%BB%A3%E8%AB%8B%E6%B1%82%E5%BC%81%E8%AD%B7%E5%A3%ABPRO&npa=0&pscdl=noapi&auid=1014969650.1731895342&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-857991916&l=dataLayer&cx=c&gtm=457e4bc0h1za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://overtimeguide.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 02:02:22 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame E130
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fovertimeguide.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-857991916&l=dataLayer&cx=c&gtm=457e4bc0h1za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
16221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 21:32:01 GMT
expires
Mon, 17 Nov 2025 21:32:01 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/857991916/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/857991916/?random=1731895342273&cv=11&fst=1731895200000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0h1v9130190201za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&hn=www.googleadservices.com&frm=0&tiba=%E6%AE%8B%E6%A5%AD%E4%BB%A3%E3%83%81%E3%82%A7%E3%83%83%E3%82%AB%E3%83%BC%20%7C%20%E6%AE%8B%E6%A5%AD%E4%BB%A3%E8%AB%8B%E6%B1%82%E5%BC%81%E8%AD%B7%E5%A3%ABPRO&npa=0&pscdl=noapi&auid=1014969650.1731895342&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dXKTmsWbFkp5Y3-WvkV3MoiWV8o9E_g&random=2635138984&rmt_tld=0&ipr=y
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 18 Nov 2024 02:02:22 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.jp/pagead/1p-user-list/857991916/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/857991916/?random=1731895342273&cv=11&fst=1731895200000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0h1v9130190201za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fovertimeguide.com%2Fsimulation%2F&hn=www.googleadservices.com&frm=0&tiba=%E6%AE%8B%E6%A5%AD%E4%BB%A3%E3%83%81%E3%82%A7%E3%83%83%E3%82%AB%E3%83%BC%20%7C%20%E6%AE%8B%E6%A5%AD%E4%BB%A3%E8%AB%8B%E6%B1%82%E5%BC%81%E8%AD%B7%E5%A3%ABPRO&npa=0&pscdl=noapi&auid=1014969650.1731895342&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dXKTmsWbFkp5Y3-WvkV3MoiWV8o9E_g&random=2635138984&rmt_tld=1&ipr=y
Requested by
Host: overtimeguide.com
URL: https://overtimeguide.com/simulation/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 18 Nov 2024 02:02:22 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
overtimeguide.com/wp-content/themes/overtime/images/
1 KB
1 KB
Other
General
Full URL
https://overtimeguide.com/wp-content/themes/overtime/images/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
219.94.128.231 Hiyoshi, Japan, ASN9371 (SAKURA-C SAKURA Internet Inc., JP),
Reverse DNS
www991.sakura.ne.jp
Software
nginx /
Resource Hash
fcdcadd7ea29d24b747ef346f418cf9522547712a69cb76f4486b4b4f727df1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://overtimeguide.com/simulation/

Response headers

accept-ranges
bytes
content-length
1150
date
Mon, 18 Nov 2024 02:02:26 GMT
etag
"47e-57a8e17651b00"
content-type
image/x-icon
last-modified
Tue, 13 Nov 2018 16:13:00 GMT
server
nginx

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| gtag
object| dataLayer
function| fbq
function| _fbq
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| GooglebQhCsO

7 Cookies

Domain/Path Name / Value
.overtimeguide.com/ Name: _fbp
Value: fb.1.1731895341886.827487392857431476
.overtimeguide.com/ Name: _gid
Value: GA1.2.201850330.1731895342
.overtimeguide.com/ Name: _gat_gtag_UA_163607726_1
Value: 1
.overtimeguide.com/ Name: _ga_8Q7SHL9SDM
Value: GS1.1.1731895342.1.0.1731895342.0.0.0
.overtimeguide.com/ Name: _ga
Value: GA1.1.40404154.1731895342
.overtimeguide.com/ Name: _gcl_au
Value: 1.1.1014969650.1731895342
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
