payroll.my Open in urlscan Pro
13.113.144.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://payroll.my/
Effective URL:
https://payroll.my/
Submission: On January 22 via api (January 22nd 2024, 6:15:59 am UTC) from US — Scanned from JP

Summary HTTP 230 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 18 domains to perform 230 HTTP transactions. The main IP is 13.113.144.31, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is payroll.my.
TLS certificate: Issued by R3 on December 24th 2023. Valid for: 3 months.

This is the only time payroll.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	13.113.144.31 13.113.144.31	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:824::2008	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
36	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:400a:80e::200e	15169 (GOOGLE) (GOOGLE)
5 27	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f00... 2a03:2880:f00f:104:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
31	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:818::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:826::200e	15169 (GOOGLE) (GOOGLE)
8	216.58.220.98 216.58.220.98	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:818::200a	15169 (GOOGLE) (GOOGLE)
4 5	2404:6800:400... 2404:6800:4004:828::2004	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4009:800::2003	15169 (GOOGLE) (GOOGLE)
1	142.251.170.155 142.251.170.155	15169 (GOOGLE) (GOOGLE)
1 1	2404:6800:400... 2404:6800:4004:821::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:2e::6	15169 (GOOGLE) (GOOGLE)
2 4	142.251.222.6 142.251.222.6	15169 (GOOGLE) (GOOGLE)
2	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
1	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
1	2600:140b:a00... 2600:140b:a00:e::b81d:8ccb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
1	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
230	28

25 13.113.144.31 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com

payroll.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:400a:80e::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2404:6800:4004:810::2002 (Australia) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f00f:104:face:b00c:0:3 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

scontent-nrt1-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:818::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.220.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s30-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:828::2004 (Australia) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4009:800::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.170.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tc-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::200e (Australia) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:2e::6 (Australia)

ASN15169 (GOOGLE, US)

r1---sn-oguesn6r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.222.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:a00:e::b81d:8ccb (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	687 KB
46	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 955 scontent-nrt1-2.xx.fbcdn.net — Cisco Umbrella Rank: 145601	1 MB
34	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	265 KB
25	payroll.my 1 redirects payroll.my	290 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	182 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	142 KB
9	google.com 4 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	69 KB
9	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	121 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	325 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r1---sn-oguesn6r.c.2mdn.net	2 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 16730 c.statcounter.com — Cisco Umbrella Rank: 10394	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	87 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	139 KB
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 23523	526 B
1	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 604	431 KB
230	18

	Domain	Requested by
34	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
31	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
27	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
25	payroll.my	1 redirects payroll.my
23	pagead2.googlesyndication.com	payroll.my pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	scontent-nrt1-2.xx.fbcdn.net	www.facebook.com
9	www.facebook.com	1 redirects payroll.my static.xx.fbcdn.net connect.facebook.net
8	www.googleadservices.com	payroll.my
7	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	payroll.my googleads.g.doubleclick.net
6	csi.gstatic.com	imasdk.googleapis.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ad.doubleclick.net	2 redirects
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	imasdk.googleapis.com	googleads.g.doubleclick.net payroll.my
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ade.googlesyndication.com
2	r1---sn-oguesn6r.c.2mdn.net	payroll.my
2	connect.facebook.net	payroll.my connect.facebook.net
2	cdnjs.cloudflare.com	payroll.my cdnjs.cloudflare.com
2	www.googletagmanager.com	payroll.my www.googletagmanager.com
1	cm.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	cdn.doubleverify.com
1	googleads4.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	payroll.my
230	31

This site contains links to these domains. Also see Links.

Domain
hr.my
freechequewriter.com
lampiran1.hasil.gov.my
www.kwsp.gov.my
www.perkeso.gov.my
www.hasil.gov.my
calcpcb.hasil.gov.my
facebook.com
jsns.eu

Subject Issuer	Validity	Valid
payroll.my R3	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-31` - `2024-01-29`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://payroll.my/
Frame ID: A595F93952163853ED502CB5B9263F7D
Requests: 47 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252F202708376488646%26tabs%3Dtimeline%26width%3D350%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 9C5F53384FFAF0AA18B75DB2CF27A190
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: B723C5AD5AD970F5D7F0C3B3F53D4BA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&adk=1812271804&adf=3025194257&lmt=1705904154&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fpayroll.my%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155008&bpp=5&bdt=270&idt=276&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7072107424385&frm=20&pv=2&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: 7B34D8D00537805F47E4BE303E5E02F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=200&slotname=2059126289&adk=1158759801&adf=1602745239&pi=t.ma~as.2059126289&w=940&fwrn=4&lmt=1705904154&rafmt=11&format=940x200&url=https%3A%2F%2Fpayroll.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155013&bpp=2&bdt=275&idt=290&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&rplot=4&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=3&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295
Frame ID: 520A8037361223288D7324F06BA36C1D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=250&slotname=2737906844&adk=2266820169&adf=4260084012&pi=t.ma~as.2737906844&w=300&lmt=1705904154&format=300x250&url=https%3A%2F%2Fpayroll.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155015&bpp=1&bdt=277&idt=299&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x200&nras=1&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=3&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=302
Frame ID: 5E26A6E46B3767E83201C59C5FB8CEE9
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 7E422F9A9133F12AFAC1F854B04DA728
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6773561368244514&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705904154&rafmt=1&to=qs&pwprc=4511807673&format=1200x280&url=https%3A%2F%2Fpayroll.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904156176&bpp=1&bdt=1439&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D686571f1f9ed0ba7%3AT%3D1705904155%3ART%3D1705904155%3AS%3DALNI_MaAvmbr8IDASshYo88JpH__MJ0slg&gpic=UID%3D00000cecdd30ae07%3AT%3D1705904155%3ART%3D1705904155%3AS%3DALNI_MZOVtZW6gDg0PdvHqyd28I4TY5AAg&prev_fmts=0x0%2C940x200%2C300x250&nras=2&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&psts=AOrYGskEZLxrWHDkzvLGsJ5FqJiNJUrFxXa8_oJ0svq0JqB_iaEi6jZFN3GSdNJN6NS4U9nBnaonm-fzZBssTOry81iV8JRP&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=58
Frame ID: 8EDF20684FC51602780F2818B8F4EE43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6773561368244514&output=html&h=90&adk=413024534&adf=3844467294&pi=t.aa~a.1535826200~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705904154&rafmt=1&to=qs&pwprc=4511807673&format=1200x90&url=https%3A%2F%2Fpayroll.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904156176&bpp=1&bdt=1439&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D686571f1f9ed0ba7%3AT%3D1705904155%3ART%3D1705904155%3AS%3DALNI_MaAvmbr8IDASshYo88JpH__MJ0slg&gpic=UID%3D00000cecdd30ae07%3AT%3D1705904155%3ART%3D1705904155%3AS%3DALNI_MZOVtZW6gDg0PdvHqyd28I4TY5AAg&prev_fmts=0x0%2C940x200%2C300x250%2C1200x280&nras=3&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&psts=AOrYGskEZLxrWHDkzvLGsJ5FqJiNJUrFxXa8_oJ0svq0JqB_iaEi6jZFN3GSdNJN6NS4U9nBnaonm-fzZBssTOry81iV8JRP&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=61
Frame ID: EA085343C0083BC734572E9514A9DB26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 692FAA77C4F4583DB41A59BEA58B05B5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A4B91C1CAFEF330B1CC251B0E2C86C95
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C53BA3C923F167A9DFB75DEEB2506178
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 332C4372460C4E20FFD100F18841AD1B
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1DE53B2B9E7C65EE8201866AF0CBA00D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9CCE547B310D3DAC1109779FEDDF9DF7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 06952BE810EC80586D13D1FD1FF8D37D
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3EB67B2E59C0AC7FBCC30660809580D4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DA62625C7360B70D44413FBBF65050B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 4ABA7906AF1844BB1501897F859B9F07
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 24CE490FC1A23EB8E7804EF8BF9863B4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 5165F6E0365B0824E78D64C2A369528B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: BCE3F508175900742BABE73C8486A223
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5be75381aa8e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&container_width=940&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true
Frame ID: 1157F523414DF139A5736736CE7A359B
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df328cef68338f7%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&send=true&show_faces=false&width=450
Frame ID: F1921AA974CBEDB0995F69A5CA122F57
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Frame ID: A8C5D3456D90CF3207CC62E892898F63
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 306C0B3312DCC85188BDA4CE68AC916A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dfe0b54ef365c%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true
Frame ID: FD6E3D7DCA81C7E1B9CA4A119CC05657
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 91443362123099165CF071E36892B3D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C80A8A7438B0851EB537174B6200962F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PCB Calculator 2024, EPF Calculator & SOCSO Table - Free Malaysian Payroll Software

Page URL History Show full URLs

http://payroll.my/ HTTP 301
https://payroll.my/ Page URL

Detected technologies

Joomla (CMS) Expand

Overall confidence: 50%
Detected patterns

(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

230
Requests

93 %
HTTPS

69 %
IPv6

18
Domains

31
Subdomains

28
IPs

4
Countries

5749 kB
Transfer

13379 kB
Size

14
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://hr.my/
Title: Free HR & Payroll. Unlimited Employee.

Search URL Search Domain Scan URL

URL: https://freechequewriter.com/cheque-amount-to-word-converter
Title: Amount in Words

Search URL Search Domain Scan URL

URL: https://hr.my/doc/timeclock-attendance-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=calculator
Title: Free Time Clock Attendance

Search URL Search Domain Scan URL

URL: https://hr.my/?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=calculator
Title: Leave Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/expense-claim-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=calculator
Title: Claim Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/ea-form.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=eaform
Title: EA Form

Search URL Search Domain Scan URL

URL: https://hr.my/?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=note
Title: HR.my - Free Malaysian Payroll and HR Software

Search URL Search Domain Scan URL

URL: https://hr.my/doc/leave-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=leave
Title: Leave Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/expense-claim-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=claim
Title: Expense Claim Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/timeclock-attendance-management.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=attendance
Title: Time Clock and Attendance Management

Search URL Search Domain Scan URL

URL: https://hr.my/doc/document-workflow.html?utm_campaign=payroll&utm_source=payroll&utm_medium=web&utm_content=workflow
Title: Document Workflow

Search URL Search Domain Scan URL

URL: http://lampiran1.hasil.gov.my/pdf/pdfam/Jadual_PCB_2018.pdf
Title: PCB Table 2018

Search URL Search Domain Scan URL

URL: http://www.kwsp.gov.my/portal/documents/10180/175560/JADUAL_KETIGA_04012019_ENG.pdf
Title: EPF Contribution Third Schedule

Search URL Search Domain Scan URL

URL: https://www.perkeso.gov.my/index.php/en/social-security-protection/employer-employee-eligibility/rate-of-contributions
Title: SOCSO Table

Search URL Search Domain Scan URL

URL: https://www.perkeso.gov.my/index.php/en/eis-registration-contribution/eis-contribution-rate
Title: SIP / EIS Table

Search URL Search Domain Scan URL

URL: http://www.kwsp.gov.my/portal/home?display_mode=classic
Title: KWSP

Search URL Search Domain Scan URL

URL: https://www.perkeso.gov.my/index.php/ms/
Title: PERKESO

Search URL Search Domain Scan URL

URL: http://www.hasil.gov.my/
Title: LHDN / Hasil

Search URL Search Domain Scan URL

URL: http://calcpcb.hasil.gov.my/pcb_calc_2023.php?&csrf=2145664acbe3a2ed4110367&statwork=1
Title: Kalkulator PCB - Lembaga Hasil Dalam Negeri

Search URL Search Domain Scan URL

URL: https://facebook.com/202708376488646

Search URL Search Domain Scan URL

URL: https://jsns.eu/
Title: jsns.eu

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://payroll.my/ HTTP 301
https://payroll.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://googleads.g.doubleclick.net/pagead/adview?ai=CDKrEGwiuZaSJFcLV7OsP7aOPkAbJyKvJdJjd2aOqEYqc3cjBARABIMOm5R1gifPFhPQToAHg8PvcAcgBCakCztEzJx3_PD6oAwHIA8sEqgTdAU_Q4JjfMEzphFkZ8PyqbfRwXRr98bLNtU6xqgUV8oQe0sx-XcVHUU8658FlhUq1LcVtY1FyH_mlWHAZUZR7VV5qIkFZ6pfeinjGHtl7jR7JZq_mQx4E1kEjSUdRHOcz9oVkcgUGKcBXXME2lW_S8dvDJW6Sm-_IVninL3DbkLglsfY2bxr7eK4Enux4NBo6iHGaPdb10dzdXvqMS52nrqTQpu1H3Sn94xCoKPvWXqf_C1nYixgEqxilkn90L3SY1QtV9C9rJal09aLVPpxFO8lVkONWUanWRPR6VS3ywASoiZGJsQOIBfuRyckskgUECAQYAZIFBAgFGASgBi6AB4iPhKMCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ2fQQ0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli94cyZrPCDA5oJIGh0dHBzOi8vbWV0YXRyb24taG9saXN0aWMudG9reW8vgAoByAsB2gwRCgsQ8MTjus78lMirARICAQO4E4gE2BMK0BUBmBYBgBcBshccChoIABIUcHViLTY3NzM1NjEzNjgyNDQ1MTQYALIYBBIC604&sigh=KvYrQkRrNWI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_BLsXr_M1_rmpXKW2FHFkTwXUvZ5I8JOELggW2SUEzf0MACKZ2pDI8P4DvvgXyt432CzNR4SLzmGKv7a3VMk0gzInk-XpgFD1QxgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x28715e827fd417040000000000000000%22,%222%22:%220x2e54a987fbc55ead0000000000000000%22,%223%22:%220x18abda8e729ab0d80000000000000000%22,%224%22:%220xe630fa14866e03930000000000000000%22,%225%22:%220x1fe5e8f6569c00e20000000000000000%22},%22debug_key%22:%2212745177235757578417%22,%22debug_reporting%22:true,%22destination%22:%22https://metatron-holistic.tokyo%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22463403104%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213077244873519315649%22}&andc=true

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 148

https://googleads.g.doubleclick.net/pagead/adview?ai=CyZvAGwiuZYuxFcCBs8IPjOutwAG0itKRXrjZjNC1EOqf3KDUARABIMOm5R1gifPFhPQToAGg7KqSA8gBAakCztEzJx3_PD6oAwHIA8MEqgTcAU_QitHCGNpdWNwyIHDNibZvxaZvEAw8ilWvLOeOqopp4QMjRR8_GEQPO2M0j4tRLwEQ0Hj30w-AJ8PKiA4qLH43egzVm_TzBYgKKQJH8-JNgngjBPsfeuPWjIt8AHR3Zsq6R_qQDFsAQxfnFGx7DN7EYb8t_jpUwGCFnh2urQPbGLZSSLfP9N4lc3rOmSNxSUbnGM5Atn2PGCqGZ4u1CXYU-9-x-RQPFoanS2I55Nph0HRi6vQ4UldnunBgxWHaIY6e_3y1xYU3EQ-RfmNeWo8KtVy5UVdhZvz_wZHABMr40MuJA4gF0fL_lieSBQQIBBgBkgUECAUYBKAGZoAHyJPVbagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMCQJtIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYrIjNmazwgwOaCSJodHRwczovL29hc2lzd2FkYXVyYS5rYXlhYnVraS5iaXovgAoByAsBogwIKgYKBKy6sQLaDBAKChCAo8H02I724yESAgED2BMKiBQB0BUBgBcBshccChoIABIUcHViLTY3NzM1NjEzNjgyNDQ1MTQYAA&sigh=7W9iOzUy3wA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_NBnu1R8t5n3dZ6FpTxqHd7lAkWKpKA6i3OKrwC4sDp5TWeozw2B5EToXjvVyGV3Ta8PZhBMsSbkeJ_a5qCmz-vg7asAAjSgskxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb4ddbfd2c53794ee0000000000000000%22,%222%22:%220x47b0ca9f512a398d0000000000000000%22,%223%22:%220xb8f0a65544942cfd0000000000000000%22,%224%22:%220x8fc1df77fb836c6a0000000000000000%22,%225%22:%220xc9baa13381551c0000000000000000%22},%22debug_key%22:%2213120276261051866323%22,%22debug_reporting%22:true,%22destination%22:%22https://kayabuki.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22843757088%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222801082755128489249%22}&andc=true

Request Chain 149

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

https://googleads.g.doubleclick.net/pagead/adview?ai=C2gd1GwiuZZfRFMjbs8IP35aQkAKNi5-8ddyg5p6nEtrZHhABIMOm5R1gifPFhPQToAGG-eDBKsgBAqkCztEzJx3_PD6oAwHIA8kEqgTKAU_QanqTxsQj_dVck-yfAWn61Sh3_WKM36xQXl788PoOzUuJFkcS5Gzj8Aaw5-a0cM2We56sp9Jy0nvmK4MgWhW7RCOzfubF9jMam6JAlD0U5F1OB-D8_twLPzCWNKKmYEtObdWWhx4WsMVXQg_5_ehsgBLt4seMgGS_dU4Qr4QuGtveV-GHqB8YfjKKXZBqB3CmchFZilT-GwsnfGurXG0jhVlsuw5OmdccdBbNIh9oxSdQmvChKrfQP-Rebp3aa2AC0jGexuWlt6XABLTp6fzaBIgFl5i72U2SBQQIBBgBkgUECAUYBKAGAoAHhrGxoQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCcgA3SCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WNemzJms8IMDmglVaHR0cHM6Ly9tYXBsZXN0b3J5Lm5leG9uLmNvLmpwL2NhbXBhaWduL25ld2FnZS8_YXJndW1lbnQ9R2ttYUdCeFkmZG1haT1hNjU3MTMwN2UyMjZhYoAKAcgLAaIMCCoGCgSsurEC2gwRCgsQ4Ib6qq2p0PjmARICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItNjc3MzU2MTM2ODI0NDUxNBgA&sigh=Oid0hcdB4Gs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6abcdec847344920000000000000000%22,%222%22:%220xe48b8543692f78770000000000000000%22,%223%22:%220x3f7a79bee7ac2cb0000000000000000%22,%224%22:%220x983b8492a09abe0f0000000000000000%22,%225%22:%220xeed43fa40225dffb0000000000000000%22},%22debug_key%22:%2212195376761719853103%22,%22debug_reporting%22:true,%22destination%22:%22https://nexon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211412192390%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229971386368836473089%22}&andc=true

Request Chain 160

https://googleads.g.doubleclick.net/pagead/adview?ai=CuvKsGwiuZZjRFMjbs8IP35aQkAKNi5-8ddyg5p6nEtrZHhABIMOm5R1gifPFhPQToAGG-eDBKsgBAqkCztEzJx3_PD6oAwHIA8kEqgTKAU_QkPNf_Nhc3DLTX6sGDCnky7lPPEmC0Et5UBCg9-9TlJAQpTQ-kSNoo0QOoyNdLpbcpM3IBU43z7Bdr8xqAUsbfY8Je0fxwmDZlmdCuR-xnt1YWY-BjL8CQ4v4Xg-COZBs6YvCCgftmBwjNKRD-Oncxmbml4eemkKQOxva0V_s0nzQOIBMoSFsdVpANCL1hun-QK1UDcGaJTcD21GrfxM39eayT_XQM8U0vjHsX8g_tV2wKgQb-vbOZIM15PCEwr9xd5UNMrrmSvbABLTp6fzaBIgFl5i72U2SBQQIBBgBkgUECAUYBKAGAoAHhrGxoQWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCa5AvSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WNemzJms8IMDmglVaHR0cHM6Ly9tYXBsZXN0b3J5Lm5leG9uLmNvLmpwL2NhbXBhaWduL25ld2FnZS8_YXJndW1lbnQ9R2ttYUdCeFkmZG1haT1hNjU3MTMwN2UyMjZhYoAKAcgLAaIMCCoGCgSsurEC2gwRCgsQoMjJ74aZjdLdARICAQPYEwLQFQGAFwGyFxwKGggAEhRwdWItNjc3MzU2MTM2ODI0NDUxNBgA&sigh=HuwHtmVsGzY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6abcdec847344920000000000000000%22,%222%22:%220xe48b8543692f78770000000000000000%22,%223%22:%220x3f7a79bee7ac2cb0000000000000000%22,%224%22:%220x983b8492a09abe0f0000000000000000%22,%225%22:%220xeed43fa40225dffb0000000000000000%22},%22debug_key%22:%224620622430464224588%22,%22debug_reporting%22:true,%22destination%22:%22https://nexon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211412192390%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223834513713233348817%22}&andc=true

Request Chain 164

https://gcdn.2mdn.net/videoplayback/id/0e995841ebf0ab13/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737440156/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/71AFED0D48DA4584CC82C69F7C6A933EDB387266.4E2C6A333A6FE013E5C3442F2AAC945C51D947C1/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-oguesn6r.c.2mdn.net/videoplayback/id/0e995841ebf0ab13/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737440156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6411AA7A26607A917870CF4173C18EADF92D7CED.496B7553132A241714830E4E2C4DC27DEE13A761/key/cms1/cms_redirect/yes/mh/dV/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-oguesn6r/ms/onc/mt/1705903712/mv/m/mvi/1/pl/48/file/file.mp4

Request Chain 173

https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500

Request Chain 176

https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_pre=CKG7vJqs8IMDFd_LFgUdiq4MLQ;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 177

https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_pre=CO2rvJqs8IMDFexEwgUdcoUCxg;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 182

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRiY3_iDAiABMAE&v=APEucNULCyq63-RmvAHassuGpjRKplMWA26fO5pFXRCouC4Mrz2nX8-a4smNk3g5Nh0sBpx5p9HW9tt1kBR-aU_EmDNZ0l_k1vrHH0JZcisRcYAdxzf0wHA HTTP 302
https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

230 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
payroll.my/
Redirect Chain

http://payroll.my/
https://payroll.my/

35 KB
12 KB

42ms
34ms

Document
text/html

13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16905e9423a4f287012b36a15448072274b418b8b4198285989c126bea2db3dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Jan 2024 06:15:54 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Mon, 22 Jan 2024 06:15:54 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Mon, 22 Jan 2024 06:15:54 GMT
Location: https://payroll.my/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 89ms
45ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-99577156-2

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9cba1857222e80c0a5c8bb8f88c681b511a5042d3d2c2ba1d745eb3c3b403a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51755
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 06:15:54 GMT

GET
H/1.1 200
OK modal.css
payroll.my/media/system/css/ 3 KB
1 KB 9ms
4ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/css/modal.css?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5d399bcd50e595112a3c3342889765359e5dba919dc738aa559e826aec89b31c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-bc5"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK fbar.css
payroll.my/plugins/content/fbar/ 1 KB
821 B 10ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/plugins/content/fbar/fbar.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ac0113db18b2bf86355b310ef7859c3eb6389566e288422497392ea8ff37eaf0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583131-573"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
payroll.my/components/com_djclassifieds/themes/default/css/ 52 KB
11 KB 10ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/components/com_djclassifieds/themes/default/css/style.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d8254941c31678787346d958d0efcded555e6cdf43c9d30b581f77cf9ae9f0bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583133-d1dd"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style_default.css
payroll.my/components/com_djclassifieds/themes/default/css/ 9 KB
2 KB 10ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/components/com_djclassifieds/themes/default/css/style_default.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3dfe31c9a1176ec6dd88c64bbba94cd47d42f31d37ae6f2c35539d5b0b81f6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583133-239d"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK responsive.css
payroll.my/components/com_djclassifieds/themes/default/css/ 4 KB
2 KB 11ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/components/com_djclassifieds/themes/default/css/responsive.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7010799d0a3f9b84922aafda3957995808a3833d409c10dbb830321fb337236d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583133-11c5"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK template.css
payroll.my/templates/protostar/css/ 161 KB
34 KB 15ms
7ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/templates/protostar/css/template.css?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 31d5d20ba867e9d763b937c3bd7784b90eb2ddb7e5dac6f41689b21e3dcae966

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Jan 2022 10:41:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61e547d1-282ec"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 86ms
42ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 06:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 04:30:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 06:15:54 GMT

GET
H/1.1 200
OK style.min.css
payroll.my/modules/mod_facebook_slide_likebox/tmpl/css/ 4 KB
2 KB 14ms
3ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/modules/mod_facebook_slide_likebox/tmpl/css/style.min.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6b5044cfdbf0d2d36814fbc517f7d1e48a83a10bd6d27ba6706dca074f06bc9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 09:29:36 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"60094980-ff9"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 20ms
9ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4694342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10391
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEroMMsLKUk2rrWvgjsDije5ebK6nx3U95%2BKvlyX8IjoQbzVKfusMoRQ06B7i5vLcK63CblQQLFLt%2BBLBv7TDr0FH%2BkxI8I8JhM1dxEKsj7uVHDsChRIBp1dMb6kt0KZYstSiDk7Om3cOveRgp4s5Q%2B9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8495aa472a30685b-NRT
expires: Sat, 11 Jan 2025 06:15:54 GMT

GET
H/1.1 200
OK mootools-core.js Show response
payroll.my/media/system/js/ 82 KB
31 KB 17ms
7ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/mootools-core.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-147b5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK core.js Show response
payroll.my/media/system/js/ 9 KB
4 KB 13ms
2ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/core.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-221f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK mootools-more.js Show response
payroll.my/media/system/js/ 231 KB
79 KB 18ms
7ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/mootools-more.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-39d19"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK modal.js Show response
payroll.my/media/system/js/ 10 KB
4 KB 16ms
2ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/modal.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bb0d7bdcac2da7402e126ad96a388ce507fa972b741323a5a40ea65df2076b8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-278f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
payroll.my/media/jui/js/ 95 KB
39 KB 20ms
7ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/jui/js/jquery.min.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-17d6e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery-noconflict.js Show response
payroll.my/media/jui/js/ 21 B
279 B 16ms
3ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/jui/js/jquery-noconflict.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61b45bf0-15"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21

GET
H/1.1 200
OK jquery-migrate.min.js Show response
payroll.my/media/jui/js/ 10 KB
4 KB 18ms
3ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/jui/js/jquery-migrate.min.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-2748"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK caption.js Show response
payroll.my/media/system/js/ 491 B
751 B 18ms
2ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/system/js/caption.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61b45bf0-1eb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 491

GET
H/1.1 200
OK bootstrap.min.js Show response
payroll.my/media/jui/js/ 28 KB
9 KB 19ms
4ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/media/jui/js/bootstrap.min.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-71c6"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK template.js Show response
payroll.my/templates/protostar/js/ 2 KB
1 KB 21ms
3ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/templates/protostar/js/template.js?9ac65f334bba47b55a1d62f05f44b962
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7b26c692500dd71cbd9b8d7e801152aa89394511bbe0e191f79aedef0951564b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 08:06:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61b45bf0-802"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 113ms
73ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19842629ea545940c96b2bb76adf57676c7d4e1cb9f73c1574df82fb739e2379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51630
x-xss-protection: 0
server: cafe
etag: 14017706428007162845
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 06:15:54 GMT

GET
H/1.1 200
OK payroll.my.css
payroll.my/cs/css/ 2 KB
992 B 11ms
2ms Stylesheet
text/css 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/cs/css/payroll.my.css
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5962ad278b639c518fbfb6d08d6309e4e0f578a97543225a80a834f844ef3838

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Jan 2024 10:59:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"65a11b8c-851"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK Payroll.my.beta.png
payroll.my/images/cs/logo/ 7 KB
7 KB 3ms
2ms Image
image/png 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payroll.my/images/cs/logo/Payroll.my.beta.png
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 29661f75cf859eed6d3825705712429caf06e3e25d62a216e21321155ed5cb68

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Last-Modified: Sat, 01 Jul 2017 23:33:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "59583130-1a2f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6703

GET
H/1.1 200
OK AjaxRequest.js Show response
payroll.my/cs/js/ 17 KB
5 KB 4ms
3ms Script
application/javascript 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payroll.my/cs/js/AjaxRequest.js
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43be5a3181a17e89330922c0015fd9cb33d5b4a5311e20f756dbe964e685c133

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2017 23:33:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"59583132-42ad"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK cool.png
payroll.my/media/kunena/emoticons/ 781 B
1 KB 2ms
2ms Image
image/png 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payroll.my/media/kunena/emoticons/cool.png
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f69fa757fca82ffa06f59a98a7a7d3640ea96f0fa6655a5db8255953f0b935cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Last-Modified: Mon, 17 Jan 2022 01:30:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61e4c6a5-30d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 781

GET
H/1.1 200
OK HR.my_Payslip_Thumb.png
payroll.my/images/ 37 KB
38 KB 3ms
3ms Image
image/png 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payroll.my/images/HR.my_Payslip_Thumb.png
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 26876252a63eae3885b544ac4b5733fb349b3f41b509f1cdd0acd7c6ba2a2a57

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Last-Modified: Tue, 02 Apr 2019 00:21:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5ca2ab01-95a1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38305

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
3 KB 13ms
5ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90f4d1b812922f4a71c96f078c1e591834c698470e515d46703c3926bde52261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 06:15:54 GMT
content-md5: E0HbUdQryLZXqpi6PEiNEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: hUFQooNm5D7fGcCbr4Ec148JYLf5NqSV/xmm48ZbGLn3Il5EVHyKowWgzHEk88/JJO6Y6Qy6Y99kVFaI8UxsMQ==
x-fb-content-md5: cd1813110eb2120bdc31e5149d915a0a
cross-origin-opener-policy: same-origin-allow-popups
etag: "ade190a0ebaa7c24ddf26fe790a0ccad"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 22 Jan 2024 06:30:22 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 41 KB
15 KB 26ms
12ms Script
application/javascript 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: payroll.my
URL: https://payroll.my/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Jan 2024 16:51:56 GMT
server: cloudflare
age: 6223
etag: W/"65aaa8ac-a313"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8495aa480a722641-NRT
expires: Mon, 22 Jan 2024 16:32:11 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 299 KB
84 KB 7ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=a6e975499c833b9ae625f1934334aa32

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c7d3d820a7b76c6eb18b1936c2740e67e315da1890df8506f1a3df5a1e20538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://payroll.my/
Origin: https://payroll.my
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 06:15:54 GMT
content-md5: AQwnQQFyF9W4vNmhH1ATLg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86381
reporting-endpoints
x-fb-debug: QqafOtVJvOkIejh2AjWBHlpae7c+ViZf1dzBShszYR13obtNty9SW6bhGJwFt8hacjNK0cxdX5Nr2Gc0IBTorg==
x-fb-content-md5: 90f996975aef663005802cc7f67ec383
cross-origin-opener-policy: same-origin-allow-popups
etag: "664c66ff5116cc547ff5c711f71c32c0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 21 Jan 2025 06:10:22 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 9C5F 41 KB
15 KB 189ms
177ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

301fcbadcd8d48f386ea83daac2d8a2d39a42a3dd89a12f0ca10afe602e1aa54

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:54 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 6gJOXrnwB76nPYNNgLvN8uRTRzQ4ty4snAMjwRrp5Ejm6a5CR+kisWmhf/rWHwAmUKflcjLUSuJHgyWBbbjFHg==
x-xss-protection: 0

GET
H/1.1 200
OK fshare.png
payroll.my/plugins/content/fbar/ 503 B
750 B 4ms
3ms Image
image/png 13.113.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payroll.my/plugins/content/fbar/fshare.png
Requested by: Host: payroll.my
URL: https://payroll.my/plugins/content/fbar/fbar.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.144.31 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-144-31.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9a0b5cc4632c4d0bf462cac4dd58a334354b44559581d7917cfeb6cece852cc7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/plugins/content/fbar/fbar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:54 GMT
Last-Modified: Sat, 01 Jul 2017 23:33:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "59583131-1f7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 503

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 46ms
2ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payroll.my
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:19:45 GMT
x-content-type-options: nosniff
age: 176169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 05:19:45 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 76 KB
76 KB 14ms
9ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://payroll.my
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:54 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4359300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77400
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-12e58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=376hwrab%2BEGlEq%2FbJWnUKU3ZTR8D8gIvPy2XUOfIw86gstcopjbSiwrrEB3f4OTNe%2FEZzfJ67zARme0BvY7XMmD4NoNvoovjWeUnkWXXTVRP3M3BsBuenIhvBS%2Bpq8vV4%2Bwf6EZYqJqOgVL%2FIHnNBpTF"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8495aa48090d25f8-NRT
expires: Sat, 11 Jan 2025 06:15:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 49ms
48ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G85EWVDPZ3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99577156-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63e8c9e046af76840b75cca06fe1753909d12c83a4ca22875ace675350be7a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 06:15:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 83ms
11ms Script
text/javascript 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99577156-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 04:21:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6857
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 22 Jan 2024 06:21:37 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
488 B 163ms
160ms XHR
application/json 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=8319737&u1=899E667D735A4FC2EEA8EEB0C1F98257&java=1&security=11aa9540&sc_snum=1&sess=75b702&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//payroll.my/&t=PCB%20Calculator%202024%2C%20EPF%20Calculator%20%26%20SOCSO%20Table%20-%20Free%20Malaysian%20Payroll%20Software&invisible=1&sc_rum_e_s=243&sc_rum_e_e=260&sc_rum_f_s=0&sc_rum_f_e=217&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://payroll.my
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 8495aa486b162641-NRT
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 402 KB
137 KB 107ms
106ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccd1e09968dc4c7a4cf1c611af01c28f68b41dddd89e05ec265c250a6f665a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139598
x-xss-protection: 0
server: cafe
etag: 12517473036530165278
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 06:15:55 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame B723 9 KB
4 KB 42ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:42:57 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 15:42:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 45ms
45ms Ping
text/plain 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-G85EWVDPZ3&gtm=45je41h0v898947310&_p=1705904154759&gcd=11l1l1l1l1&dma=0&cid=1833848810.1705904155&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705904155&sct=1&seg=0&dl=https%3A%2F%2Fpayroll.my%2F&dt=PCB%20Calculator%202024%2C%20EPF%20Calculator%20%26%20SOCSO%20Table%20-%20Free%20Malaysian%20Payroll%20Software&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=388
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G85EWVDPZ3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payroll.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 45ms
45ms XHR
text/plain 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=56638926&t=pageview&_s=1&dl=https%3A%2F%2Fpayroll.my%2F&ul=en-us&de=UTF-8&dt=PCB%20Calculator%202024%2C%20EPF%20Calculator%20%26%20SOCSO%20Table%20-%20Free%20Malaysian%20Payroll%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1391987889&gjid=366224776&cid=1833848810.1705904155&tid=UA-99577156-2&_gid=162018108.1705904155&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=479405641

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payroll.my/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payroll.my
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/ Frame 9C5F 20 KB
6 KB 17ms
5ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f52d737df458888643eccb2af914b9f26faab334a15fab6da9ecfa7282ea76d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pOduJb1AbZf8GewcOKEDbA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5240
reporting-endpoints
x-fb-debug: 1S89pqzzN/Rn9hewSjzjWVsg1KCq/AizBMnIdHIaArnKl7VfyMWVH3h2+EuYqwOV+TptIXFTnGw+xefwStbc7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 16 Jan 2025 22:06:08 GMT

GET
H2 200 oZB9N6h5pPF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 9C5F 353 KB
91 KB 25ms
13ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07e7fe2ae1f7a8b12a42abe3d98f965966c1b8f505d3b4b2c951ed072bc3bca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xo4X8+9CY4R/JniO37MSig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93331
reporting-endpoints
x-fb-debug: Em5eTNH7/0aR+eIy1EQjjiLmQdusDke4RS/eUDfnhOQdxYkAaSwFp80Tei+L2pYL767KxSlmX+smHZ0PAGnZ5Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 17 Jan 2025 23:58:00 GMT

GET
H2 200 Cn_OgNtBsi4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 9C5F 7 KB
2 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/Cn_OgNtBsi4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da9912d4e908e3788e753fe3583a9063c0b65049f82d366fe871f03368f7ce10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B9gIP5hWP1n5LlUoNnhxow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2301
reporting-endpoints
x-fb-debug: KSjwLQWpG8/jKpBWFQ0PL/VAoCKDkGm+bbwxljhoGJ5Dd8xDj1GS1VSpeJyAM5Je1XW+4YA+bIOie2Rz53wfkg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 09 Jan 2025 19:24:32 GMT

GET
H2 200 ru8zNtgW1u3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 9C5F 94 KB
27 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/ru8zNtgW1u3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xfgcH48ZrXyM9ExSIhREow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27517
reporting-endpoints
x-fb-debug: vkPRhsHJ88j0p5wsoDHRoHE6G4+jHi2tnn1OBW6lwJMOqvYKBipr9kn25LvCOh3P1LaN89XDEjDt/YZhd+U+zQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 11 Jan 2025 16:03:54 GMT

GET
H2 200 WDd6AOxHz0q.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 9C5F 51 KB
16 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/WDd6AOxHz0q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cac134aca5d573ff54447519d5cb7ccb10e4be05e58ab04d1c823e9ca05de0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iP8mA2aK/kTnUfNMkpvOEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16598
reporting-endpoints
x-fb-debug: f/rfMEK7TMLTgH3aHm1xUZa/+TDxYckzFT3j7dM7RhOJksBkHTiJ39sDFMmZjt6UJ1hclcqgVhlHgSgfY1I+Cw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 16 Jan 2025 22:04:01 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9C5F 507 B
904 B 17ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: Wzq64HvgUAtykolCIixeTiXHAanz7CmaimEWET88pQbATWcIR/jzsoXK/2R6TSgaxk48RIkD3SdmtJHACFx4qQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 09 Jan 2025 18:51:12 GMT

GET
H2 200 mhWtbsD6qPU.js Show response
static.xx.fbcdn.net/rsrc.php/v3iZSi4/ye/l/zh_CN/ Frame 9C5F 28 KB
8 KB 27ms
16ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iZSi4/ye/l/zh_CN/mhWtbsD6qPU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61ad781f947c847a3a6f5c42919cd5f3037691a13f00785614cf9606ed549446

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BDc5+Ng+4W6frGqyyW3JMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7888
reporting-endpoints
x-fb-debug: /9gj6VDxYsEGBd7cO0j52s/wBNQpiH5leePAqSZtQ76AqBDqL4ndoa6BpOK4fq9jv5mhIGiYWvGmhWgnyxsJdw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 16 Jan 2025 18:24:04 GMT

GET
H2 200 Gnm9vzFr_bN.js Show response
static.xx.fbcdn.net/rsrc.php/v3iTSw4/yt/l/zh_CN/ Frame 9C5F 71 KB
20 KB 27ms
16ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yt/l/zh_CN/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95a68293f4eaeea95cb1871b459f87512346461cfbceb78b224807870dbe8ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vo4u6hXEwRZ2Sve44jiMPQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20163
reporting-endpoints
x-fb-debug: osfQAoEJOuAepa8n1Fn7YvxVQ3LogA2QimUjcElUjNdLx6K/BRitF554Who+uS2ygse00nSgzV5Olcn6GrOI2A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 09 Jan 2025 20:24:39 GMT

GET
H2 200 304696275_578496410639580_6938369199124765427_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame 9C5F 1 KB
1 KB 14ms
5ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/304696275_578496410639580_6938369199124765427_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=zp3zomMZ5loAX991yRK&_nc_ht=scontent-nrt1-2.xx&edm=ADwHzz8EAAAA&oh=00_AfCx0rk2Rhgkv5Tc1a9X7io5gma1i7XQNVoPASg7KDICEw&oe=65B2BCB7
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 282ec3875e7d2977770c63bdd9d7c2f3242dd887c20dc3592358d195521dacce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:55 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Sep 2022 15:46:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3059227054
thrift_fmhk: GBDoTga3tkCaiishvAd8XGMZFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 837725914
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1083

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 9C5F 573 B
711 B 6ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: lkWhahIssitc5i4b+rzkKqRiw34i0Kf91y8lG3+H1QbB8EVdwtRAAd8HUxxbDO4v1xMtWxY15N/LG6KiJcoKGw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Jan 2025 21:03:25 GMT

GET
H3 200 HoMN5oU548h.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 9C5F 210 KB
60 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/HoMN5oU548h.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddcebbf00b80631b39d8dc4c2a851f64ee7697506d6f0ffe0b0987f79247059a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NABz48nFQ34JnSEDiGvgMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 61440
reporting-endpoints
x-fb-debug: w0vqTQ62xaSKr5N/RcMmbBfMdGryL9T4h8m5pBmprxuq3Hp9RPgMVJbKPmrE9/YHSmsm/vsFBEYQ8nj8HqMMzQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 16 Jan 2025 17:50:29 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 9C5F 52 KB
15 KB 313ms
312ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2F202708376488646%22%2C%22width%22%3A350%2C%22height%22%3A500%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fpayroll.my%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19744.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010934254&__s=%3A%3Atdijif&__hsi=7326802551735995901&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__csr=&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yt/l/zh_CN/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6149b525213ae7e66e56e7423f7347bf83fd129e619bbe2511c9fd5bfead7a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: uhN5IPOEdXvKrid86Dgfwc
Referer: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 06:15:55 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: HzIgjI/e0cTL9gt30FwYUdNAazk87T6dFqhhLbVstVuEqnc4xIzjBuyutgpYfN/x+EF/+3iMXxMiZXLSHh5iLA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 9C5F 1 KB
905 B 143ms
143ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yt/l/zh_CN/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

251cee97d19f564c2a623c16d2275a83f86c69a0946d97ad5ef563fb76524e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: uhN5IPOEdXvKrid86Dgfwc
Referer: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 06:15:55 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: 0aeD+gO86LWwzcNT5p3X25CN9/Wq8VDmn5HutjFUdDGTxPOG0JvdRroEby/PAqfzpGKPgr0IOkhXGTYu857+gQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 9C5F 1 KB
1 KB 2ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/1,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: 4zi6k5lVeOvpFm6bLeZobkzMclPnatVkBERmnsgeAUwk0YgY+04tr2Cis9Zn1DiBuw3FHatdPsWp4viwlvSxDQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 12 Jan 2025 17:51:07 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B34 586 KB
107 KB 574ms
573ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&adk=1812271804&adf=3025194257&lmt=1705904154&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fpayroll.my%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155008&bpp=5&bdt=270&idt=276&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7072107424385&frm=20&pv=2&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baf3f2350fccc484cf827c427779f63e3ab4c6a1ccebf7a25ac0f2a3c44159a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 109310
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:55 GMT
expires: Mon, 22 Jan 2024 06:15:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 520A 151 KB
45 KB 623ms
623ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=200&slotname=2059126289&adk=1158759801&adf=1602745239&pi=t.ma~as.2059126289&w=940&fwrn=4&lmt=1705904154&rafmt=11&format=940x200&url=https%3A%2F%2Fpayroll.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155013&bpp=2&bdt=275&idt=290&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&rplot=4&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=3&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d789be01c0926c65d6292504bf619e31af7bc336968b31f8a05103cd97adfb9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:55 GMT
expires: Mon, 22 Jan 2024 06:15:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E26 129 KB
43 KB 939ms
938ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=250&slotname=2737906844&adk=2266820169&adf=4260084012&pi=t.ma~as.2737906844&w=300&lmt=1705904154&format=300x250&url=https%3A%2F%2Fpayroll.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155015&bpp=1&bdt=277&idt=299&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x200&nras=1&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=3&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=302

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec96d7051927b6a102f7dff9823c63a01772ceed56b23c31b4c8f8b60a2069ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43652
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
expires: Mon, 22 Jan 2024 06:15:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ieeHDjcGsIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 9C5F 213 B
350 B 2ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
x-content-type-options: nosniff
content-md5: oSUZEsOZh+qyGbXjvLFs7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 213
reporting-endpoints
x-fb-debug: VgitOlUMObQ7o/vX6J7Ua2zMO6MqKfEHNEbmis1XnnfHXdpt36EI/Z2vjGildz/BEnyqRORE2kkVeiH498xvtA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 14 Jan 2025 18:42:32 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 9C5F 0
0 183ms
183ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252F202708376488646%26tabs%3Dtimeline%26width%3D350%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https://www.facebook.com/202708376488646&tabs=timeline&width=350&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Jan 2024 06:15:55 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: mIATm2M+D7PD9aWd5e9k4Q3JuO4mx/R8IsekXKNxekNvGj80NWDi0Se5LFl2EyMhCZevcENMBe/HOluBqfCsVA==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 invMBnw_KCW.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/1,cross/ Frame 9C5F 21 KB
5 KB 7ms
6ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/1,cross/invMBnw_KCW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8423e1e6dfea648f227c06c9a586ed64f9127c4de599822d4a368b7959adeabe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oX/K+DjWSZlvMpwWa1Ly6Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4837
reporting-endpoints
x-fb-debug: a2douaI6Gy/o/RA1hbz3jZY7ERE1609b0/InHfE5YBqd48UfcBWgPZ7COktASwZBW2QY70oAmAHUMZXqW+WnOA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Sun, 19 Jan 2025 16:29:11 GMT

GET
H3 200 d1QGUIEOFY_.css
static.xx.fbcdn.net/rsrc.php/v3/yN/l/1,cross/ Frame 9C5F 27 KB
6 KB 9ms
9ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/l/1,cross/d1QGUIEOFY_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3a0912761370b7e042bb5bbc6fcbcc68887411f574aac2c56e166318eb7d8e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FpmTBzH7c/4jbiByb+XUWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6332
reporting-endpoints
x-fb-debug: Vy2Z64xCClGytngexKioURDHAZ5qveyuaCmnrlhTY8M/gRyHKq1ehxm6pyoQdaJx66k/v9YZzae+XFxmUW/UPA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Thu, 16 Jan 2025 18:21:55 GMT

GET 2aTNZvh7Dni.js
static.xx.fbcdn.net/rsrc.php/v3i7Te4/yt/l/zh_CN/ Frame 9C5F 0
0

GET
DATA 200
OK truncated
/ Frame 9C5F 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09220d95a594d96edb7b812467cb4c048aca524c1876a229930879e64b28148b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 csyRi_Cyk9c.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/1,cross/ Frame 9C5F 2 KB
611 B 9ms
9ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/1,cross/csyRi_Cyk9c.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75264df0baccdd42f82d96b3ff6a4ef143fb5b6e55daa7c4a3c50bf39a030b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7WcziqRjZaDe0j08wsM/fg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 472
reporting-endpoints
x-fb-debug: dMCWm32s9rnrM2+ZFvJWccRe2K9yJvo5ElyxnXpuY0s5vq1ECZRe1gpUNBaPqxL3/W7Ar+iF/rn1iA6+ApnEoA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Sat, 18 Jan 2025 14:57:38 GMT

GET uwgVV4_bDB1.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 9C5F 0
0

GET 2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 9C5F 0
0

GET 50qsPPr-_ZN.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 9C5F 0
0

GET i4NEvnb2_YI.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 9C5F 0
0

GET ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 9C5F 0
0

POST bz
www.facebook.com/ajax/ Frame 9C5F 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame 520A 812 B
503 B 43ms
42ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%9D%E7%97%85%E3%82%A3%EF%BC%91%E9%96%8B%E3%81%8F%E3%81%9B0%EF%BC%93I.%E8%AA%BF%E5%88%86%E3%83%83%E5%B8%8321%E3%81%97%E6%99%82%E3%82%AF%E4%B8%81L%E2%88%92%E3%82%82%E6%B8%AF%EF%BC%96%EF%BD%9E%E3%83%88%E3%83%86%E3%83%A1%E3%83%B3%E3%83%AA%E3%81%AE%E3%81%BE%E3%82%BF%E5%85%83%E5%8C%BA%E9%BA%BBN%E3%81%AA%E6%9C%AA%E3%82%B9%E7%9B%AEB%E3%83%9B%20%E3%83%AD%E3%82%8C%E3%81%9F%E4%B8%8D%EF%BD%A4%E3%82%93%E3%81%82%E3%81%8BK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=200&slotname=2059126289&adk=1158759801&adf=1602745239&pi=t.ma~as.2059126289&w=940&fwrn=4&lmt=1705904154&rafmt=11&format=940x200&url=https%3A%2F%2Fpayroll.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155013&bpp=2&bdt=275&idt=290&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&rplot=4&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=3&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adb46ac9c7af42dca53b0071bfecfde1734eeab3677491d09cf1351bc0df23cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 06:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 06:15:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 06:15:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 520A 2 KB
903 B 46ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 520A 23 KB
9 KB 45ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 520A 3 KB
1 KB 45ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 520A 20 KB
9 KB 43ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 520A 206 KB
66 KB 89ms
48ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 520A 37 KB
16 KB 48ms
2ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 05:17:17 GMT

GET
DATA 200
OK truncated
/ Frame 520A 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 520A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e051fef31344075839c3aa3aa1d4adbdfabd0776172f6ba7415ab03178190eb3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 162 KB
55 KB 112ms
111ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65804b809ce9d53092777cbf8a7bc720b5390e00466a8d90087b8ecf56c5f9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56377
x-xss-protection: 0
server: cafe
etag: 9037630676602722920
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H2 200 ca-pub-6773561368244514 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 107ms
66ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6773561368244514?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b196b41f2a34d49aa298a9c4bf1031e8c6358a40c35bc6c5503792cb11349f9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RZ0UtMYVmepLUZ9Zu8WiPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-RZ0UtMYVmepLUZ9Zu8WiPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwOxq_gMVl8gnhI4g3UOELdEz2CdBMRO6TNYA4D4c-YM1t9ALMTNMWfCjrVsAhcO7bYCAPYFWYY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 520A 21 KB
21 KB 3ms
2ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqb03dLt9snVpArg9UQXibcOUJ04DWFxCiuocvz3fetfObDRl6PjhWFP_OIi2eL1xEgzMdLLG5RORIkmI9x_vzAbcxAvtgYwl-s0hIEwYwexkytgrdpn8Fk-84OWUQ0Cq8Zo7oo7NuXMSRGpgkldVYCnZpnpucvJ7OuuJgGUeDyT7N6q8sDiQEFJzNKG0_zlxEsoZA&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%9D%E7%97%85%E3%82%A3%EF%BC%91%E9%96%8B%E3%81%8F%E3%81%9B0%EF%BC%93I.%E8%AA%BF%E5%88%86%E3%83%83%E5%B8%8321%E3%81%97%E6%99%82%E3%82%AF%E4%B8%81L%E2%88%92%E3%82%82%E6%B8%AF%EF%BC%96%EF%BD%9E%E3%83%88%E3%83%86%E3%83%A1%E3%83%B3%E3%83%AA%E3%81%AE%E3%81%BE%E3%82%BF%E5%85%83%E5%8C%BA%E9%BA%BBN%E3%81%AA%E6%9C%AA%E3%82%B9%E7%9B%AEB%E3%83%9B%20%E3%83%AD%E3%82%8C%E3%81%9F%E4%B8%8D%EF%BD%A4%E3%82%93%E3%81%82%E3%81%8BK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

143b315d7a4c819f34887d2b9c219823e84ce7210e8ede4e39799fc4a5919cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 00:03:41 GMT
x-content-type-options: nosniff
age: 22335
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21168
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Jan 2024 00:03:41 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 520A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDKrEGwiuZaSJFcLV7OsP7aOPkAbJyKvJdJjd2aOqEYqc3cjBARABIMOm5R1gifPFhPQToAHg8PvcAcgBCakCztEzJx3_PD6oAwHIA8sEqgTdAU_Q4JjfMEzphFkZ8PyqbfRwXRr98bLNtU6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x28715e827fd417040000000000000000%22,%222%22:%220x2e54a987fbc55ead0000000000000000%22,%223%22:%220x18abda...

0
0

80ms
40ms

Fetch
text/css

216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x28715e827fd417040000000000000000%22,%222%22:%220x2e54a987fbc55ead0000000000000000%22,%223%22:%220x18abda8e729ab0d80000000000000000%22,%224%22:%220xe630fa14866e03930000000000000000%22,%225%22:%220x1fe5e8f6569c00e20000000000000000%22},%22debug_key%22:%2212745177235757578417%22,%22debug_reporting%22:true,%22destination%22:%22https://metatron-holistic.tokyo%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22463403104%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213077244873519315649%22}&andc=true

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x28715e827fd417040000000000000000","2":"0x2e54a987fbc55ead0000000000000000","3":"0x18abda8e729ab0d80000000000000000","4":"0xe630fa14866e03930000000000000000","5":"0x1fe5e8f6569c00e20000000000000000"},"debug_key":"12745177235757578417","debug_reporting":true,"destination":"https://metatron-holistic.tokyo","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["463403104"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"13077244873519315649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 06:15:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x28715e827fd417040000000000000000","2":"0x2e54a987fbc55ead0000000000000000","3":"0x18abda8e729ab0d80000000000000000","4":"0xe630fa14866e03930000000000000000","5":"0x1fe5e8f6569c00e20000000000000000"},"debug_key":"12745177235757578417","debug_reporting":true,"destination":"https://metatron-holistic.tokyo","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["463403104"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"13077244873519315649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E42 50 KB
19 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 05:27:48 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8EDF 436 B
233 B 307ms
307ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6773561368244514&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705904154&rafmt=1&to=qs&pwprc=4511807673&format=1200x280&url=https%3A%2F%2Fpayroll.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904156176&bpp=1&bdt=1439&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D686571f1f9ed0ba7%3AT%3D1705904155%3ART%3D1705904155%3AS%3DALNI_MaAvmbr8IDASshYo88JpH__MJ0slg&gpic=UID%3D00000cecdd30ae07%3AT%3D1705904155%3ART%3D1705904155%3AS%3DALNI_MZOVtZW6gDg0PdvHqyd28I4TY5AAg&prev_fmts=0x0%2C940x200%2C300x250&nras=2&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&psts=AOrYGskEZLxrWHDkzvLGsJ5FqJiNJUrFxXa8_oJ0svq0JqB_iaEi6jZFN3GSdNJN6NS4U9nBnaonm-fzZBssTOry81iV8JRP&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23f07b187439b7d1b17ded0d3bc1a1aeaa3724814c3a16a9df48c47057011adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA08 436 B
233 B 310ms
310ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6773561368244514&output=html&h=90&adk=413024534&adf=3844467294&pi=t.aa~a.1535826200~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705904154&rafmt=1&to=qs&pwprc=4511807673&format=1200x90&url=https%3A%2F%2Fpayroll.my%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904156176&bpp=1&bdt=1439&idt=-M&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D686571f1f9ed0ba7%3AT%3D1705904155%3ART%3D1705904155%3AS%3DALNI_MaAvmbr8IDASshYo88JpH__MJ0slg&gpic=UID%3D00000cecdd30ae07%3AT%3D1705904155%3ART%3D1705904155%3AS%3DALNI_MZOVtZW6gDg0PdvHqyd28I4TY5AAg&prev_fmts=0x0%2C940x200%2C300x250%2C1200x280&nras=3&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&psts=AOrYGskEZLxrWHDkzvLGsJ5FqJiNJUrFxXa8_oJ0svq0JqB_iaEi6jZFN3GSdNJN6NS4U9nBnaonm-fzZBssTOry81iV8JRP&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=61

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0329e75b7b64bce4146972dc5ba6e48b9ccd12aaad76f85c2351fbd977bea0ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 692F 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:43:00 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 15:43:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame A4B9 9 KB
4 KB 3ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:43:00 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 15:43:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame C53B 9 KB
4 KB 3ms
1ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:43:00 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 15:43:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 332C 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 52376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 15:43:00 GMT
etag: 9219409622527106327
expires: Sun, 04 Feb 2024 15:43:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUEjMrqWTFhhC4Ht_MP2o71-DQd8JBdDTn0lSORDrN7UZVPHcnTs0oYOIIbolApUFdZZ16ZTet8fkCKrbEqLaqcVdWYmcuzxzIlZcJ1HNhwTC-vIhYTdlHJEhRgtN2N06J2y0MPNw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 58ms
57ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUEjMrqWTFhhC4Ht_MP2o71-DQd8JBdDTn0lSORDrN7UZVPHcnTs0oYOIIbolApUFdZZ16ZTet8fkCKrbEqLaqcVdWYmcuzxzIlZcJ1HNhwTC-vIhYTdlHJEhRgtN2N06J2y0MPNw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1OTA0MTU2LDI4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wYXlyb2xsLm15LyIsbnVsbCxbWzgsImtoSnZEZUZzbWJRIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.khJvDeFsmbQ.es5.O/am=wA/d=1/rs=AJlcJMzW0yIvlkm-BdUm4sTqlJnqx4F9FQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4d8abdcf8e148f33cf3d6b7430b7818c20bfce52795a31e74646d5896520ddb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bNy0RqUFFcLpXwXx4X2dzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-bNy0RqUFFcLpXwXx4X2dzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KEhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwOxq_gMVl8gnhI4g3UOELdEz2CdBMRO6TNYA4D4c-YM1t9ALMTDMWfCjrVsAjembp_BCABNSlm6"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
42ms Preflight
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 06:15:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 5E26 9 KB
4 KB 4ms
1ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=250&slotname=2737906844&adk=2266820169&adf=4260084012&pi=t.ma~as.2737906844&w=300&lmt=1705904154&format=300x250&url=https%3A%2F%2Fpayroll.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155015&bpp=1&bdt=277&idt=299&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x200&nras=1&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=3&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=302

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 05:11:57 GMT

GET
H2 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame 5E26 11 KB
5 KB 5ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 21:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 05:20:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5E26 1002 B
485 B 44ms
43ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%A2%E3%81%9E%E3%81%8C%E3%81%B0%E3%81%A7%E7%9B%9B%E3%83%88%E3%81%A9%E3%81%97%E3%83%93%E4%BA%8B%E6%B5%B7%E3%82%AF%E5%90%8D%E5%B1%B1%E3%82%AA%E3%83%83%E3%81%99%E5%86%86%202%E3%82%88%E3%83%97%E3%82%A30%E9%A3%9F%E3%82%8A%EF%BC%8A%E3%82%B7%E7%94%B0%E3%83%AB%E3%81%AF%E3%81%9D%E3%82%B9%E5%A4%A7%E3%83%9B%E6%B5%A6%E3%81%8F%E5%A4%95%E5%87%A6%E7%AC%AC%E3%81%86%E6%A5%BD%E3%81%84%E6%B2%A2%E3%81%AA%E8%BF%91%E5%92%8C%E3%83%86%E3%81%AE%E6%9C%80%E6%AC%A1%E6%9C%89

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0af3531d89b1b38f38dc7fa5c28bc4884e43eddad626dfd3133143948455f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 06:15:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5E26 7 KB
1 KB 45ms
43ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 06:14:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 5E26 2 KB
822 B 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 5E26 23 KB
9 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 5E26 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 5E26 20 KB
8 KB 4ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E26 206 KB
65 KB 55ms
53ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 5E26 37 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 05:17:17 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 692F 4 KB
671 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:36:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 692F 205 B
520 B 2ms
1ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 16:02:30 GMT
x-content-type-options: nosniff
age: 310406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 17 Jan 2025 16:02:30 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 692F 604 B
696 B 3ms
2ms Image
image/png 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 21:47:18 GMT
x-content-type-options: nosniff
age: 289718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 17 Jan 2025 21:47:18 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 692F 16 KB
7 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 23:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 23:28:14 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 692F 22 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 20:25:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 20:25:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame A4B9 23 KB
9 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1DE5 143 B
166 B 5ms
4ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 05:33:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A4B9 3 KB
1 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A4B9 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H3 200 1707713820429509911
tpc.googlesyndication.com/simgad/ Frame A4B9 57 KB
57 KB 4ms
3ms Image
image/png 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1707713820429509911?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmMu6RtmR0S3XRvnjWD7KzzLyjrmA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1898dec8b11ba6eb0911e1edd6a47be321a8d16639e1b936dccaa0fba1ee364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:57:05 GMT
x-content-type-options: nosniff
age: 224331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58173
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 07:58:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Jan 2025 15:57:05 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4B9 206 KB
65 KB 64ms
63ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame A4B9 36 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 19:06:45 GMT

GET
H3 200 1707713820429509911
tpc.googlesyndication.com/simgad/ Frame C53B 57 KB
57 KB 2ms
2ms Image
image/png 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1707713820429509911?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmMu6RtmR0S3XRvnjWD7KzzLyjrmA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1898dec8b11ba6eb0911e1edd6a47be321a8d16639e1b936dccaa0fba1ee364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:57:05 GMT
x-content-type-options: nosniff
age: 224331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58173
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 07:58:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Jan 2025 15:57:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame C53B 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9CCE 143 B
166 B 6ms
4ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 05:33:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C53B 3 KB
1 KB 3ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C53B 20 KB
8 KB 5ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C53B 206 KB
65 KB 85ms
83ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C53B 36 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 19:06:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 332C 23 KB
9 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 332C 8 KB
750 B 41ms
40ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 04:35:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 332C 15 KB
3 KB 80ms
2ms Stylesheet
text/css 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 05:17:33 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 332C 378 KB
132 KB 80ms
3ms Script
text/javascript 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 05:20:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 332C 20 KB
8 KB 1ms
1ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0695 143 B
166 B 2ms
1ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773561368244514&output=html&h=250&slotname=2737906844&adk=2266820169&adf=4260084012&pi=t.ma~as.2737906844&w=300&lmt=1705904154&format=300x250&url=https%3A%2F%2Fpayroll.my%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705904155015&bpp=1&bdt=277&idt=299&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x200&nras=1&correlator=7072107424385&frm=20&pv=1&ga_vid=1833848810.1705904155&ga_sid=1705904155&ga_hid=56638926&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=640&ady=698&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C31080443%2C44798934%2C95320869%2C95320889%2C95321627%2C95322165&oid=2&pvsid=2777102490801278&tmod=2136636544&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=3&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=302
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 05:33:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxXLQgVrhDDgwnGvI2A_EZ5ZTvgt7o51FAq0lcOQ21izczAL9aozRhVacJaJOtxwNpRyCt8f6E78TNfEHJguAbXSX7jhdWtaRF6XQyksiTqBMgyFR2PLUrCT552PCp1pkgTOefvYdA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 66ms
66ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXLQgVrhDDgwnGvI2A_EZ5ZTvgt7o51FAq0lcOQ21izczAL9aozRhVacJaJOtxwNpRyCt8f6E78TNfEHJguAbXSX7jhdWtaRF6XQyksiTqBMgyFR2PLUrCT552PCp1pkgTOefvYdA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1OTA0MTU2LDQ0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGF5cm9sbC5teS8iLG51bGwsW1s4LCJraEp2RGVGc21iUSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ffd352b6f797ddae9438a3151b6b97905fa8ea0c6b9933c0ada7bccc8a59d13

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GmoF3zluWkZoPx3Rfc2R4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-GmoF3zluWkZoPx3Rfc2R4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KUhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwOxq_gMVl8gnhI4g3UOELdEz2CdBMRO6TNYA4D4c-YM1t9ALMTDMWfCjrVsAhPOPn7OCABPkFon"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3EB6 14 KB
1 KB 37ms
36ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 04:38:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3EB6 2 KB
822 B 5ms
4ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 3EB6 23 KB
9 KB 5ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:36:32 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA62 143 B
166 B 6ms
3ms Document
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 05:33:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3EB6 3 KB
1 KB 8ms
5ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3EB6 20 KB
8 KB 8ms
6ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:34:38 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3EB6 206 KB
65 KB 72ms
69ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 06:15:56 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 3EB6 37 KB
15 KB 5ms
3ms Script
text/javascript 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 05:17:17 GMT

GET
DATA 200
OK truncated
/ Frame 5E26 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3efab421df4aef33935196d505b69d5ead62d477a33377e8365cfec1fe89a1c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1DE5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
41ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
expires: Mon, 22 Jan 2024 06:15:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9CCE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
expires: Mon, 22 Jan 2024 06:15:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 font
fonts.gstatic.com/l/ Frame 5E26 34 KB
34 KB 4ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrS03dVtQmUkDrhSXhzXVe-NCMW7l3n1UTMt7-RxI_PZJihXSLtklznIL7qrDrp8nBC5qgpBx4zEVJGtMMT06aiX5AijLh5yTrN23ll1vR_3A7Mm_4Ivo8F255oSyZSHcF-ltpP077wBX0hp2lBVjdngtMCmKtLN9XKq9VtcryYS9sQgpNvoXNpDkMmMTqfvWxAh9dAkI7p6WOHz4vQBEXaB0pJcEOO5ic8YMuuCFGadoTTMmui-0XVp5MvjFkUOHgZmGiiUrw11io8HPKwxCDSgJpU8NoxDHG4tQ&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%A2%E3%81%9E%E3%81%8C%E3%81%B0%E3%81%A7%E7%9B%9B%E3%83%88%E3%81%A9%E3%81%97%E3%83%93%E4%BA%8B%E6%B5%B7%E3%82%AF%E5%90%8D%E5%B1%B1%E3%82%AA%E3%83%83%E3%81%99%E5%86%86%202%E3%82%88%E3%83%97%E3%82%A30%E9%A3%9F%E3%82%8A%EF%BC%8A%E3%82%B7%E7%94%B0%E3%83%AB%E3%81%AF%E3%81%9D%E3%82%B9%E5%A4%A7%E3%83%9B%E6%B5%A6%E3%81%8F%E5%A4%95%E5%87%A6%E7%AC%AC%E3%81%86%E6%A5%BD%E3%81%84%E6%B2%A2%E3%81%AA%E8%BF%91%E5%92%8C%E3%83%86%E3%81%AE%E6%9C%80%E6%AC%A1%E6%9C%89

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3717fa6d66b60a45c53b1d440a79627d0f7d39923aa1afabb5bace7affe35b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:18:13 GMT
x-content-type-options: nosniff
age: 7063
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34532
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Jan 2024 04:18:13 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5E26 21 KB
21 KB 2ms
2ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:54:58 GMT
x-content-type-options: nosniff
age: 541258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 23:54:58 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 332C 0
234 B 566ms
194ms Ping
image/gif 2404:6800:4009:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrojafes&c=5535804551258&slotId=2767902275629&qqid=CNnKzJms8IMDFcjtTAIdXwsEIg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 332C 15 KB
16 KB 2ms
2ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:12:17 GMT
x-content-type-options: nosniff
age: 176619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 05:12:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 332C 15 KB
15 KB 3ms
2ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 19:42:53 GMT
x-content-type-options: nosniff
age: 383583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 19:42:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 332C 0
20 B 43ms
42ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ce_o2GwiuZZnRFMjbs8IP35aQkAKYmvi6dcWr69GaEvzEotDkAhABIMOm5R1gifPFhPQToAHEjPrIKsgBBagDAcgDmwSqBPsBT9AMnh-vZ8dprM1KIIpyQABkYfiaRMiAzzOAjSKNDlkmjSbV6q8MT5204rCNSPcNyq1MlC-cmJkPRqAJeOFG3usv4YB960EsURHEEBZLE1uYFJYh3IjIxBxJRu6cYfZHvrxBYNOSVY46jSzyvwpypvHySSGvn-GdE0mtS-j49J9RCWUGKbtlZKHExr4s55DT8ZFjsTgwB1q3nWr_h-JIKT7G-tHxDQl7se-83CULWLooC01n2C6JlBUiawU1FHf-zRh1UiEwHy5mGmNJ-AlWK9Re1i8mvYt7EeTkqpuZml9yWxLRfT0qsZJ7iEHpAt5COpbJe-4H9B5WChvABO2NxIXABOAEA4gFvO_jhU6QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY16bMmazwgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkpQsBPz3K0WyBOnjK_kA9ATANgTCogUA9gUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1705904156554&ai=Ce_o2GwiuZZnRFMjbs8IP35aQkAKYmvi6dcWr69GaEvzEotDkAhABIMOm5R1gifPFhPQToAHEjPrIKsgBBagDAcgDmwSqBPsBT9AMnh-vZ8dprM1KIIpyQABkYfiaRMiAzzOAjSKNDlkmjSbV6q8MT5204rCNSPcNyq1MlC-cmJkPRqAJeOFG3usv4YB960EsURHEEBZLE1uYFJYh3IjIxBxJRu6cYfZHvrxBYNOSVY46jSzyvwpypvHySSGvn-GdE0mtS-j49J9RCWUGKbtlZKHExr4s55DT8ZFjsTgwB1q3nWr_h-JIKT7G-tHxDQl7se-83CULWLooC01n2C6JlBUiawU1FHf-zRh1UiEwHy5mGmNJ-AlWK9Re1i8mvYt7EeTkqpuZml9yWxLRfT0qsZJ7iEHpAt5COpbJe-4H9B5WChvABO2NxIXABOAEA4gFvO_jhU6QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY16bMmazwgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkpQsBPz3K0WyBOnjK_kA9ATANgTCogUA9gUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 332C 0
20 B 43ms
42ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&eventType=canary_version_20240117_RC00&clientTime=1705904156556&ai=Ce_o2GwiuZZnRFMjbs8IP35aQkAKYmvi6dcWr69GaEvzEotDkAhABIMOm5R1gifPFhPQToAHEjPrIKsgBBagDAcgDmwSqBPsBT9AMnh-vZ8dprM1KIIpyQABkYfiaRMiAzzOAjSKNDlkmjSbV6q8MT5204rCNSPcNyq1MlC-cmJkPRqAJeOFG3usv4YB960EsURHEEBZLE1uYFJYh3IjIxBxJRu6cYfZHvrxBYNOSVY46jSzyvwpypvHySSGvn-GdE0mtS-j49J9RCWUGKbtlZKHExr4s55DT8ZFjsTgwB1q3nWr_h-JIKT7G-tHxDQl7se-83CULWLooC01n2C6JlBUiawU1FHf-zRh1UiEwHy5mGmNJ-AlWK9Re1i8mvYt7EeTkqpuZml9yWxLRfT0qsZJ7iEHpAt5COpbJe-4H9B5WChvABO2NxIXABOAEA4gFvO_jhU6QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY16bMmazwgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkpQsBPz3K0WyBOnjK_kA9ATANgTCogUA9gUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 332C 0
54 B 554ms
195ms Ping
image/gif 2404:6800:4009:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrojafez&c=5535804551258&slotId=2767902275629&qqid=CNnKzJms8IMDFcjtTAIdXwsEIg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.z4&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 332C 33 KB
18 KB 198ms
86ms XHR
text/xml 142.251.170.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CF-WYGWiRTd_9dSeMllxnyJJomZCsEA0bxTGybuNCGaOwPpZPkfdD_a0GulCj1127LpG6BpQJPEbtdnG3j59M7sOPChw&cry=1&dbm_d=AKAmf-ChEQA9GhastLLFp8WJg_BSnnM4NU7hodafIouF30PVtihCzh2fsAoAVMGJUJfcQzk18GruXHeG_ZK7XCG_lkwCVAxoFVnpaT8yuzWgIXUfbm-hFYVTnYfBlu6RmRUdb9Rt3uCKKJjdgYRAm_3QyMbVfs5rGIKtZGvQf1Gl-P-RwLCJUcpIGClErFOZ5J8svrU7wJzfFpRI22K9LlHJNa0YwXicxjQdxuU4OlFGATnJY7d-JbqVkVB9Rm1RoZBpx2ff15WbX-vwd4gCzmSu57GMZ3xvcFi5BvHRDkLEO-OeaQUPML9c76T1tJVwFOJriiSSVdygmNWZP0JzArblZ1NUTWt2A366ZyxX6W0D7uKO2PimlQLON5X0bl5g9CW-eR0X_oQGUPrI_fBqwAYcr5nejWxcNExTt9UJMGwKVc4AXKYfWNSajt1dsYKm-_ANrpL3hri0q9Xl5O7uOesG08w_Z1FA1MgIgc4_Fd1XN4Ax4iGtOBJZvCfOJYvQemRW_lWfhmMp3tZEJ6x-XDD_RhxR5inSfYjB8Af7cd3LtSImzLJavhWd_j1WJMiLBf7JbSas6optQIS_YLhvnk-G0AyPKv1Qy0TB3m3VKIqNz9ZUCEyUAwUgbvdk1A3E_FZ2LI7tgCcoDfoCqy3d65zxq1ReTx1_-_exRM5mVviD7X9Rtp6fZU3QxuBBvIrGmiYk1jYg-eYorCI1aKjqW8ah6_cKBPRfjRWPQx9GC7kO6OWQ9nZk2KVAUPfuPD43z96UlFfaHx0bB-0sNGTU5sFvHiaUJXUoHmrp1oWjzZ8-HmjM-3vynVICtjMo_sFnLFKdl7RQhw_Hi949FQjG1vEb1xHhpAlM3OluYc8H07NIX6Tyk0WqR-LeUnMdjSaRZk6_B3_kl3slD4EgQ1c5eFyKNCnsjfQsMlCxbvtqrLjk32DN0G_gvDG8FQySszvz86VYEGfVAUvDRgcBz5byoBo15No9hyn9xjFrPBxzidiMYFhmS5Y6vyuzKxu6yUSMFxbCw57fn4TUUUifntg9p8Jy2hjnhNKwtSh34PKBCSe8j2aceVFwA1Kv_qu9IQM6SA_hR48goz-aWrHqxBHeujoxvQrI5LHmDKTXHdg6dCd-NyUaox2XqaUHoROpnogmqk8iLovC33zordyEc7pJVymqbgzuyu3mlmp0N-Yjek-jMU3I07JV4EXalbA-qqWKXwwErFNcK314b40AvgdNHPpFYw0mamHFqk9fEn9Gp2C-zq9Fiz2FCzdAiht_UTaFnKK761EgymK5mWST2dfUI2epmm0iYueS7eL877o44P97d57__Gx011q8NNg9AEZkUfxtF1bTVRMkRQZtcmpNAH78u72VlWDkQeKVgm5VSKIhnw6Z8P3IaEIBxzzH3N5kyBPoarjzJeoMQW_tCwTNZXcCdLIJeZpoMzx0Q5F_C2_bCHBzvsHGjwe5w7vTCn10oxZ3dZZ-60WT-96-VAR_RIJFCOwLQtkMRJXS4-hBqqoY1qezLVXwThIEWVA7_vcO0Y-SApIFXuV44ZLfQq0ZUc8RM5i1g-4wiVRbgCjdgFMNFCBQE6s6qrDVOZZQX_gHevZikb9r5Ejyu9V6waebSTZy0qRsC7OEsGkgoq7ve7De33vMEHl-U4qMM4aTuPXeVfO5zGcdKqsxkuNmYBIsqt6BBss35ocwxtEuIjtsiA36OaYxA_3SFdlBoj75hNjsrvgEhwLn4CsRRDnut0ExF9REnIcLbuRf_VbQWROoBX1N4slG_1vxdBuV1OWt_PM3MkuFE3GVO0_U_ucynvnLSF1BYqlmuKwimTN9NK878e-z03KWe-DAr7GeA8yQPanuGs0m3Ikek8o8M7sgeLQP3mALpKwHcxq9ARSPiO7BajBgoAuVVtvGxKaw4jZxXfKOWKf85ZrQNXwmsW_CHYZ7zClReR_bSnUs0hLiMLkXAuMIDowLGQM0cb5HcIDkSeXZNlEhsoK0-3HjR0kXHaexdVuBY_-LHXdblJv94wrPjJqlF-IFhRXt4xegyHkk66YJs-F0g04F-3IwG1GGjx-u4iz3I_-eyVQqAcw3yL-Iz_a_e_9xmnm3h_kTuGMFTPS75iU8E65oTd_F_WXXYzVt3Iaj8o0uuozE-hWK_O3SwB_TPg5owiZ2rcPErrdPBWbKbDzDaRwyyAsIl3X8euSncrIdaZZYOGZqT0dy4_mpJ9MEyZuCwJHkbNyUu1lkbKLD43Yyw66qFXgX3dgqOQ4PdkOHVFCvcdrhb4S8ZNUaOhKfibk80B-HcVFrZYNdDGGZMjc6K_PAUGaTyN3P7K41xSd_FV2i3C3t1TqzSjHx7rjIPnzAOblX65Xcfbh8o9U5GPYvgghhAk34lBlM58DAmhAF6TORKs0QzuZQ5vaDjy2Gl_fIkpANoIRiOqhfx8-0_Z8_a__zA7NalwSgilMIFb6utqGI0KFd9UoMqXIqEzd_XoCFHE8J3fE0sj0r2t-D53vVLLGTm-5peAD8KYVFVQ2GXv8k1rvWAaYqxromUcD31hej57CCfVfNN2NlVJ2Y3kE6zM_Hvk9rsUYZMIo-YiRm-f3P3I2KGRfupCyO_SVqVQS4btmM2ZlsR0DtE_WfEkRn8ZNzhmC3Tt4Hzi3tmShGT1YIa6X2LViB1Wx3nJiEHa_fMdBMpGGlZPsREu05AS9ASgEHdbWxcXmr89slnq0TOtscNrS6D4Z4JVhu2zkgRcZtSdDLo6kUWWds6x25adZG7GalqLS9dsmRAF9e2XPy6FGRQIMG0GtgwQREasdV53FzxkU5sZYowEHGCZz9ThC7mWGdThHrkHCX1IN9qDUWSV5xiWj5rkxvJOvPGWRAstGZnXJIuYkHd-bn5zu3MrdLfyGGhdcUZYMwTMk_Fmuxe1qUt77q4nQwLjzK_SyAJukkXB0J4D-KNQ2iaOmm7d-czpUBg1Y6kL30uc8Eph03HyDbPep8R3X0tJIuOolMlqbIg7WSAJ-bHO3oCDgYqi2GoHS1AC-B1jqEpa5ezOqWsJ5Fi1oxysqiFUL5U_3L2loiZ944kXV3g0pan4rRcADPZoxRu_v7IwOInBZAciKavqgbvnf1q_ICzidi3MQ5rfktM1GQXiG82FkU4LVVg_9H2Lzzz9AZWLsl3K822XlvxswLfxmiFrHxCBNRMcMiX9ec_ycYZEeLq7wwaZFtGDglgiV49I3VCrEIwaZ3GDoa5HB2De7bUzLwWrOGM4vahT6t22WL9XmCfzZVIKzGYQXuUbwz8OmCUmBG--KyOsNa2279NbXG4gc-DLQDx2v6-HkFtjIPkQ3vj6KVxrBV5DhSYnp4YjXYKicNiowgyUSJfe7mgbDJucXXecQKDttSqxZJ-EU_oUaLVRYRU4iJlEuqIFzgaGGiJxu-X3S4yFHeGmggUIqK58HYAijjBpOPqqqel3Z1fB146_dryZr1gIGpxQ629aoOGR3OL5-dO1N6hHAfF6c8oRI-zdyOkgv16YMIQuQUIG-h3qg6U0dosJzVrCKf3SQXR3CbiIS30jzTg7D7L3CtUQ-6SDn9nF-W5oM17GUpJ5C31Tau8C1xkY5kN_XkOFujlijr2suanM_5DTT4ilpWbWnHLYWnrEP8Pn4tQPh11H2rre2q2Jw7niuXq6JzfQ1_CFvY7ePQWercv_1bpfcBk1jPPLDwdvA0qRmTyDb4etVc7cj_azlTPzFC8zlp06Uhi0lr9A7b8UyHh7hNwq92zlEEMV5N480kIh66uNtW73opzFp1348UkDkbSbsygP-ZZi8mmtO_oHlBko_MWmUYOOvaq17ZyTVqdXG6FJX6vlCum0WZ8U27xk3pW0z1c5jm&cid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.170.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tc-in-f155.1e100.net

Software

cafe /

Resource Hash

8d119493a1b55839c538f36e05cedc46e3f9feff8dcd315d09bb9916af903596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18087
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5E26
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CyZvAGwiuZYuxFcCBs8IPjOutwAG0itKRXrjZjNC1EOqf3KDUARABIMOm5R1gifPFhPQToAGg7KqSA8gBAakCztEzJx3_PD6oAwHIA8MEqgTcAU_QitHCGNpdWNwyIHDNibZvxaZvEAw8ilW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb4ddbfd2c53794ee0000000000000000%22,%222%22:%220x47b0ca9f512a398d0000000000000000%22,%223%22:%220xb8f0a6...

0
0

42ms
41ms

Fetch
text/css

216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xb4ddbfd2c53794ee0000000000000000%22,%222%22:%220x47b0ca9f512a398d0000000000000000%22,%223%22:%220xb8f0a65544942cfd0000000000000000%22,%224%22:%220x8fc1df77fb836c6a0000000000000000%22,%225%22:%220xc9baa13381551c0000000000000000%22},%22debug_key%22:%2213120276261051866323%22,%22debug_reporting%22:true,%22destination%22:%22https://kayabuki.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22843757088%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222801082755128489249%22}&andc=true

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xb4ddbfd2c53794ee0000000000000000","2":"0x47b0ca9f512a398d0000000000000000","3":"0xb8f0a65544942cfd0000000000000000","4":"0x8fc1df77fb836c6a0000000000000000","5":"0xc9baa13381551c0000000000000000"},"debug_key":"13120276261051866323","debug_reporting":true,"destination":"https://kayabuki.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["843757088"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"2801082755128489249"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 06:15:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xb4ddbfd2c53794ee0000000000000000","2":"0x47b0ca9f512a398d0000000000000000","3":"0xb8f0a65544942cfd0000000000000000","4":"0x8fc1df77fb836c6a0000000000000000","5":"0xc9baa13381551c0000000000000000"},"debug_key":"13120276261051866323","debug_reporting":true,"destination":"https://kayabuki.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["843757088"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"2801082755128489249"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0695
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
44ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
expires: Mon, 22 Jan 2024 06:15:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 332C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fff3f1732b8e800eba431e1910347f0412131c7a10b729860fc844ac99639c59

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA62
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
expires: Mon, 22 Jan 2024 06:15:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4ABA 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 05:27:48 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 332C 0
0 40ms
40ms Fetch
text/html 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co9yYGwiuZZnRFMjbs8IP35aQkAKYmvi6dcWr69GaEvzEotDkAhABIMOm5R1gifPFhPQToAHEjPrIKsgBBagDAaoE-AFP0AyeH69nx2mszUoginJAAGRh-JpEyIDPM4CNIo0OWSaNJtXqrwxPnbTisI1I9w3KrUyUL5yYmQ9GoAl44Ube6y_hgH3rQSxREcQQFksTW5gUliHciMjEHElG7pxh9ke-vEFg05JVjjqNLPK_CnKm8fJJIa-f4Z0TSa1L6Pj0n1EJZQYpu2VkocTGviznkNPxkWOxODAHWredav-H4kgpPsb60fENCXux77zcJQtYuigLTWfYLomUTSOZq6buamx_qaUIheBt28Qwl-uz6eYeNMamCiwBgVIJfDQQsW0a7V11Cii-lR9RALenbfGyWopgMuyOxFHlKcAE7Y3EhcAE4AQDiAW87-OFTpIFBggDEAIYAZIFBggbEAIYAZIFCwgiEAIYAUjQ1ZcCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfExMqoBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEI6lNBiY3_iDAtIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY16bMmazwgwOACgHICwGiDAgqBgoErLqxAtoMEQoLEMDZ0OOtjN-Q5QESAgEDsBPz3K0WyBOnjK_kA9ATANgTCogUA9gUAdAVAYAXAbIXHAoaCAASFHB1Yi02NzczNTYxMzY4MjQ0NTE0GADoFwU&sigh=XRjLrA4_45w&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 06:15:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A4B9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40da6cb2d356e4c6dda3d664e68dd179d9eb94519e720e0c1eb32a65cb1f1bb4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C53B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c4c1e27814ed4782e7d143039ca77667b57a9f0fce1309428405448b586863d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 24CE 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 05:27:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A4B9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2gd1GwiuZZfRFMjbs8IP35aQkAKNi5-8ddyg5p6nEtrZHhABIMOm5R1gifPFhPQToAGG-eDBKsgBAqkCztEzJx3_PD6oAwHIA8kEqgTKAU_QanqTxsQj_dVck-yfAWn61Sh3_WKM36xQXl7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6abcdec847344920000000000000000%22,%222%22:%220xe48b8543692f78770000000000000000%22,%223%22:%220x3f7a79...

0
0

40ms
39ms

Fetch
text/css

216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6abcdec847344920000000000000000%22,%222%22:%220xe48b8543692f78770000000000000000%22,%223%22:%220x3f7a79bee7ac2cb0000000000000000%22,%224%22:%220x983b8492a09abe0f0000000000000000%22,%225%22:%220xeed43fa40225dffb0000000000000000%22},%22debug_key%22:%2212195376761719853103%22,%22debug_reporting%22:true,%22destination%22:%22https://nexon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211412192390%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229971386368836473089%22}&andc=true

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa6abcdec847344920000000000000000","2":"0xe48b8543692f78770000000000000000","3":"0x3f7a79bee7ac2cb0000000000000000","4":"0x983b8492a09abe0f0000000000000000","5":"0xeed43fa40225dffb0000000000000000"},"debug_key":"12195376761719853103","debug_reporting":true,"destination":"https://nexon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11412192390"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"9971386368836473089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 06:15:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa6abcdec847344920000000000000000","2":"0xe48b8543692f78770000000000000000","3":"0x3f7a79bee7ac2cb0000000000000000","4":"0x983b8492a09abe0f0000000000000000","5":"0xeed43fa40225dffb0000000000000000"},"debug_key":"12195376761719853103","debug_reporting":true,"destination":"https://nexon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11412192390"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"9971386368836473089"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5165 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 05:27:48 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C53B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CuvKsGwiuZZjRFMjbs8IP35aQkAKNi5-8ddyg5p6nEtrZHhABIMOm5R1gifPFhPQToAGG-eDBKsgBAqkCztEzJx3_PD6oAwHIA8kEqgTKAU_QkPNf_Nhc3DLTX6sGDCnky7lPPEmC0Et5UBC...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6abcdec847344920000000000000000%22,%222%22:%220xe48b8543692f78770000000000000000%22,%223%22:%220x3f7a79...

0
0

42ms
42ms

Fetch
text/css

216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6abcdec847344920000000000000000%22,%222%22:%220xe48b8543692f78770000000000000000%22,%223%22:%220x3f7a79bee7ac2cb0000000000000000%22,%224%22:%220x983b8492a09abe0f0000000000000000%22,%225%22:%220xeed43fa40225dffb0000000000000000%22},%22debug_key%22:%224620622430464224588%22,%22debug_reporting%22:true,%22destination%22:%22https://nexon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211412192390%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223834513713233348817%22}&andc=true

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa6abcdec847344920000000000000000","2":"0xe48b8543692f78770000000000000000","3":"0x3f7a79bee7ac2cb0000000000000000","4":"0x983b8492a09abe0f0000000000000000","5":"0xeed43fa40225dffb0000000000000000"},"debug_key":"4620622430464224588","debug_reporting":true,"destination":"https://nexon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11412192390"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"3834513713233348817"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 06:15:56 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa6abcdec847344920000000000000000","2":"0xe48b8543692f78770000000000000000","3":"0x3f7a79bee7ac2cb0000000000000000","4":"0x983b8492a09abe0f0000000000000000","5":"0xeed43fa40225dffb0000000000000000"},"debug_key":"4620622430464224588","debug_reporting":true,"destination":"https://nexon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11412192390"],"22":["true"],"4":["01-22"],"6":["true"]},"priority":"500","source_event_id":"3834513713233348817"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 38ms
37ms Preflight
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 06:15:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 332C 0
54 B 301ms
195ms Ping
image/gif 2404:6800:4009:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrojaffd&c=5535804551258&slotId=2767902275629&qqid=CNnKzJms8IMDFcjtTAIdXwsEIg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 332C 41 KB
15 KB 7ms
7ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 05:08:07 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-oguesn6r.c.2mdn.net/videoplayback/id/0e995841ebf0ab13/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737440156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 332C
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0e995841ebf0ab13/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737440156/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-oguesn6r.c.2mdn.net/videoplayback/id/0e995841ebf0ab13/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737440156/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

21ms
2ms

Fetch
video/mp4

2404:6800:4004:2e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-oguesn6r.c.2mdn.net/videoplayback/id/0e995841ebf0ab13/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737440156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6411AA7A26607A917870CF4173C18EADF92D7CED.496B7553132A241714830E4E2C4DC27DEE13A761/key/cms1/cms_redirect/yes/mh/dV/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-oguesn6r/ms/onc/mt/1705903712/mv/m/mvi/1/pl/48/file/file.mp4

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

HTTP/1.1

Server

2404:6800:4004:2e::6 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:56 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1722496
Last-Modified: Tue, 16 Jan 2024 11:31:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 22 Jan 2024 06:15:56 GMT

Redirect headers

date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-oguesn6r.c.2mdn.net/videoplayback/id/0e995841ebf0ab13/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737440156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6411AA7A26607A917870CF4173C18EADF92D7CED.496B7553132A241714830E4E2C4DC27DEE13A761/key/cms1/cms_redirect/yes/mh/dV/mip/2001:ac8:40:1e::2e/mm/42/mn/sn-oguesn6r/ms/onc/mt/1705903712/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 332C 453 B
588 B 40ms
39ms Image
image/png 2404:6800:4004:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-6773561368244514

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 07:05:56 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 332C 0
54 B 294ms
196ms Ping
image/gif 2404:6800:4009:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrojafme&c=5535804551258&slotId=2767902275629&qqid=CNnKzJms8IMDFcjtTAIdXwsEIg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2085&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.16a~atrd.16d~videopreviewvisible.16f&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
39ms Preflight
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa6abcdec847344920000000000000000%22,%222%22:%220xe48b8543692f78770000000000000000%22,%223%22:%220x3f7a79bee7ac2cb0000000000000000%22,%224%22:%220x983b8492a09abe0f0000000000000000%22,%225%22:%220xeed43fa40225dffb0000000000000000%22},%22debug_key%22:%224620622430464224588%22,%22debug_reporting%22:true,%22destination%22:%22https://nexon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211412192390%22],%2222%22:[%22true%22],%224%22:[%2201-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223834513713233348817%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 06:15:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame BCE3 23 KB
8 KB 3ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 204246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:31:50 GMT
expires: Sat, 18 Jan 2025 21:31:50 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame BCE3 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 05:18:34 GMT

GET
H3 206 file.mp4
r1---sn-oguesn6r.c.2mdn.net/videoplayback/id/0e995841ebf0ab13/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1737440156/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 332C 2 MB
2 MB 7ms
2ms Media
video/mp4 2404:6800:4004:2e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:2e::6 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

308886ca4f251f5ad80bdf12303688d79ccb7bc74568e23ac1c5c3675e664211

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 22 Jan 2024 06:15:56 GMT
date: Mon, 22 Jan 2024 06:15:56 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1722495/1722496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1722496
last-modified: Tue, 16 Jan 2024 11:31:32 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame 1157 51 KB
16 KB 193ms
193ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5be75381aa8e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&container_width=940&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=a6e975499c833b9ae625f1934334aa32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ff4461306779ec2f103a21763b273970794a60eb5f5bbd123c7ade375bae30f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:57 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: JawTC9kgH0X926wnfUa811GZkcmIh1LXTKlQjzCwwJ0IDbp/DYJ9DEQXHhSDbTPttWKcT/rlKqh98RhRGe5oCg==
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame F192 51 KB
16 KB 187ms
186ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df328cef68338f7%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&send=true&show_faces=false&width=450

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=a6e975499c833b9ae625f1934334aa32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3d139de4c81d0a9c52d11ee08a7f77eb26f5b0455567a2c3c1cfb57d432077a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:57 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: zZOfkbQ5FNB23gXHGW+gpqhTpBZUQ7kqcY5UkIjUScpoho4o4GzxmzPrmPovtBuX3Lx5Pc6zT88BJbkisIypQA==
x-xss-protection: 0

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame A8C5
Redirect Chain

https://www.facebook.com/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canv...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canva...

200 KB
43 KB

346ms
346ms

Document
text/html

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=a6e975499c833b9ae625f1934334aa32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40e27355a751396e2b846297734bbcfb05659a492fc8fdd7d3e55016e1830ef7

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Mon, 22 Jan 2024 06:15:57 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: d0kMCdrH8aemOVAWEETZv7qB3uD9TRppACY+Q+9VUL3bH1K1Vwhb9fn0B+7xd/1V0MOQAb6KpLuef2gTAdrDeQ==
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Jan 2024 06:15:57 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
origin-agent-cluster: ?0
priority: u=0,i
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-fb-debug: b5s6H56gvxwxZIKK8KMqSZkZc7VvEelQiQ5P2CE5P24xBplUWZQU8FUOu9GiXNngyZTTi9BlDDXczWxv8FFY5w==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 96ms
57ms XHR
application/json 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96891b723a18b09f9110bb8467390aeb69fc82fa86b6afa4b377755badaa5d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12161
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 306C 50 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: payroll.my
URL: https://payroll.my/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 05:27:48 GMT

GET
H2

200

B31122836.385750964;dc_pre=CKG7vJqs8IMDFd_LFgUdiq4MLQ;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_... Show response
ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/ Frame 332C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_pre=CKG7vJqs8IMDFd_LFgUdiq4MLQ;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag...

19 KB
14 KB

74ms
72ms

Fetch
text/javascript

142.251.222.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_pre=CKG7vJqs8IMDFd_LFgUdiq4MLQ;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Protocol

Server

142.251.222.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f6.1e100.net

Software

cafe /

Resource Hash

b974952bf7f36341bc551f75e16d0bc88c270367d06125a7fe1a38bf24f88165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13524
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_pre=CKG7vJqs8IMDFd_LFgUdiq4MLQ;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B31122836.385750964;dc_pre=CO2rvJqs8IMDFexEwgUdcoUCxg;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_... Show response
ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/ Frame 332C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_pre=CO2rvJqs8IMDFexEwgUdcoUCxg;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag...

19 KB
14 KB

70ms
69ms

Fetch
text/javascript

142.251.222.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_pre=CO2rvJqs8IMDFexEwgUdcoUCxg;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Protocol

Server

142.251.222.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f6.1e100.net

Software

cafe /

Resource Hash

8847827b0072d169b434c10bf2b166f970da12646b4055f96002fb7a602e98d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13553
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N5788.456584WPPXAXISLLC/B31122836.385750964;dc_pre=CO2rvJqs8IMDFexEwgUdcoUCxg;dc_trk_aid=576916518;dc_trk_cid=206427800;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI3cagmqzwgwMVbvpMAh0iqQZvEAAYACDlqbFjOhoIwYOQ3QUQ7Y3EhcAEGKeMr-QDIMWr69GaEkITCNnKzJms8IMDFcjtTAIdXwsEIg;dc_rmcid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzF...
ade.googlesyndication.com/ddm/activity/ Frame 332C 42 B
401 B 127ms
41ms Image
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3cagmqzwgwMVbvpMAh0iqQZvEAAYACDlqbFjOhoIwYOQ3QUQ7Y3EhcAEGKeMr-QDIMWr69GaEkITCNnKzJms8IMDFcjtTAIdXwsEIg;dc_rmcid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ;eps=CIBhEAEYHzICigI6BIBAgEBIvf3BOljXpsyZrPCDAw;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D293357597%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705904157052;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 332C 42 B
64 B 48ms
47ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ce_o2GwiuZZnRFMjbs8IP35aQkAKYmvi6dcWr69GaEvzEotDkAhABIMOm5R1gifPFhPQToAHEjPrIKsgBBagDAcgDmwSqBPsBT9AMnh-vZ8dprM1KIIpyQABkYfiaRMiAzzOAjSKNDlkmjSbV6q8MT5204rCNSPcNyq1MlC-cmJkPRqAJeOFG3usv4YB960EsURHEEBZLE1uYFJYh3IjIxBxJRu6cYfZHvrxBYNOSVY46jSzyvwpypvHySSGvn-GdE0mtS-j49J9RCWUGKbtlZKHExr4s55DT8ZFjsTgwB1q3nWr_h-JIKT7G-tHxDQl7se-83CULWLooC01n2C6JlBUiawU1FHf-zRh1UiEwHy5mGmNJ-AlWK9Re1i8mvYt7EeTkqpuZml9yWxLRfT0qsZJ7iEHpAt5COpbJe-4H9B5WChvABO2NxIXABOAEA4gFvO_jhU6QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY16bMmazwgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkpQsBPz3K0WyBOnjK_kA9ATANgTCogUA9gUAdAVAfgWAYAXAegXBQ&sigh=sEMiR1DjKVU&label=part2viewed&ad_mt=15&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D293357597%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705904157052

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 332C 0
557 B 135ms
51ms Image
image/gif 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuPIn80CMs-TagN_0XISuIAz8iDL83bOsazJTktx63Y9Br4BYpUNF63VIKSh3EeJsbuET80dQnSeew5jpWoye89neA9bQTYX8Xzi2u2r68DN3iaRKI3S0IRQ17IStjRAIY6EXbwHxTtDr4IBwVKurrTdQa-piOl2Y5txfMj7OHkMhMw2cqPvyATj7gIvATX74E2k-t3HoPFwJwVjpzCZ_qz--TAlbGi230TAJvunJZBNO3RSzqO_8XfW3_TVSuPSg3pZfwAKFRTx1COMpLEbBiW0Q2amSTdkYO7JyyVzpvb-QFg3-Qx5ZpSoLkRXMT9fYmkRF5tXaTrVjtqKKHojXaVFZSKyXRvVQDbFAzX6nVydQaGuX8rBWrOevgVSpxWS0s-FRoqtctie3bqKBmzM6dWoYwddTZaMiZUv4pRM85St3qHqAp2P_gDtjHCrqz_sGmZ65DoA1CXWxaOeqvg4QhfJFa_FCuRo-WpEDUbUPADfY-42w1r8gxizpfPVP_bMs6F_jwFxBLQnafF6xhoEfpit3tpcxqXfqpinsXQRHP3VuYYpoFJPkqtCIkUeabblnAk-613qiebDi93Dy_QuVnA0qxV0KGjvUgmRYZLyW08zGBqyCuItKGe5RAqJ-m7HM7vSxAGSrpJZPWdE9tdIXEs20meNVNBMln47wiyXotD3StA9MosIfgbHN7DVNM3JLJn21u1gsFc_cfb0VsoNI7-6egohh-ucxO2Ewfvs2TqBhUFu-C0c_HQvrFOKfXUUZTsqFqYRPbQJyrVPpBH8HAJ9gXht7X0vbug9eBeM-L-K20nGz0QJL1CusmYcHg_9yrn2AejbU2ISp3IMZWaXbXi8eXCHP_HFJVNmAoi2QhjeTvJMGEUveq0HHtNZS3uBLhR95SmPHuBScHv-aRnKKJA6gpNN20uBcX9SE6p5Fcl3KeC3uDz_9v0zWmue5-nXa__tr_t8Us4Q5Jg8qNe5T5cNVy91FBMjHSyBNUxDsNKpAlEWMdKCAJF3PLa40k_AbDhBfIyQrXJRnXq48jjONJrToy3g3ocAzVFMvaT4MF9UmIBSgUU1nJViGP8bT2lhkYmUumKa7UJhuz6AOegalZSpzbfU8rNrY14IO4LrQ1xayXSEDKAJLcdUffgNcWDdo67NGPtHRjHg8YI-hC8Nnkf7eku6TqGNOyDGmI2aJSYk3A0D6zMOkBeFZFdr51Iq47gR9DlXffyx3qqt6TzK0oWVaBQf4qCKqH_ui9pg-QYSJ97196yBkFUe2K0mKgEleZwxY8XMjer8GuVFqTZlEgIj_iUGtqsW0Bp46oQctyQJa6VKaCkhLOACQ8HFBaRyoNQzUiQRwiAQju4&sai=AMfl-YS8IrT0EhCZeIW3XUKfcFa-nPJrG8zqdS1LD-HkTHnOZQ-ec3aKF5_PSBQme-__RiUbUYi3JIaOZFWgBZDgu24a8cc24c9D-MuSG2uif-UrH-_6jjjPQmhZHZ2CCqTmzIneEDk_jJijoWkvEwMbEI4mJKmhra-wbGRzNDdkohC177jN7-8PJcAJ5oSwwlbyKsbj52dbVZMXnWBHm8X5QJ9aI3f66v6tVTDT0teDEUf9EF-vNTf-ihNGyX-quXDrhki4zm9bDt6sUlFvlTPRmW0Q46t4Av6rrQoCXKXETtCrhcfv2tD0VBciJ6P2qBW2Ao6n&sig=Cg0ArKJSzFd9XD0LbgqNEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK dvbm.js
cdn.doubleverify.com/ Frame 332C 431 KB
431 KB 88ms
2ms Image
application/javascript 2600:140b:a00:e::b81d:8ccb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.doubleverify.com/dvbm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a00:e::b81d:8ccb Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 06:15:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jan 2024 12:37:08 GMT
Server: UploadServer
ETag: "6c026d9fbb7d1247696cd0ac97939fa0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104827
Expires: Mon, 22 Jan 2024 06:30:57 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 332C
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNaySBDBg5DdBRiY3_iDAiABMAE&v=APEucNULCyq63-RmvAHassuGpjRKplMWA26fO5pFXRCouC4Mrz2nX8-a4smNk3g5Nh0sBpx5p9HW9tt1kBR-aU_EmDNZ0l_k1vrHH0JZcisRcYAdxzf0wHA
https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
409 B

96ms
44ms

Image
image/png

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 06:15:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 332C 0
20 B 38ms
37ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 332C 42 B
64 B 39ms
38ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD6teTnC9I3C1dcUJI5nEp1ghj-porvcm4DXH5ju8p3ryeH09RXMfFRKGCAz6LdKU6XuP6YwniC5Y3LhmNTbkvGol7Z-vIb6tK0AXA8waukNt6VQs-Rxz0d8C3lPYkvcTW6vIn4s9vuU9SyYO6PRT4NhWJ&sai=AMfl-YRyyeiRLFtju7zLUs1MtnfSA8s9XbRfm5yt9OxfmFITcpO7_PbRfgZl8X_2mIsnrtUlgWOHa9Yo_ikhmUs4e5x5c_w77wq-5eUqqLeNF_MrK5d2_SMoa9VdGCLZLSPSrYGIZ4isvBLnFBT8kfLopg&sig=Cg0ArKJSzBwY24a3gMZAEAE&cid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D14%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D293357597%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705904157052&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 332C 42 B
64 B 40ms
39ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ce_o2GwiuZZnRFMjbs8IP35aQkAKYmvi6dcWr69GaEvzEotDkAhABIMOm5R1gifPFhPQToAHEjPrIKsgBBagDAcgDmwSqBPsBT9AMnh-vZ8dprM1KIIpyQABkYfiaRMiAzzOAjSKNDlkmjSbV6q8MT5204rCNSPcNyq1MlC-cmJkPRqAJeOFG3usv4YB960EsURHEEBZLE1uYFJYh3IjIxBxJRu6cYfZHvrxBYNOSVY46jSzyvwpypvHySSGvn-GdE0mtS-j49J9RCWUGKbtlZKHExr4s55DT8ZFjsTgwB1q3nWr_h-JIKT7G-tHxDQl7se-83CULWLooC01n2C6JlBUiawU1FHf-zRh1UiEwHy5mGmNJ-AlWK9Re1i8mvYt7EeTkqpuZml9yWxLRfT0qsZJ7iEHpAt5COpbJe-4H9B5WChvABO2NxIXABOAEA4gFvO_jhU6QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY16bMmazwgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkpQsBPz3K0WyBOnjK_kA9ATANgTCogUA9gUAdAVAfgWAYAXAegXBQ&sigh=sEMiR1DjKVU&label=vast_creativeview&ad_mt=15&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D14%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D293357597%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1705904157052

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 332C 0
54 B 194ms
193ms Ping
image/gif 2404:6800:4009:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lrojafml&c=5535804551258&slotId=2767902275629&qqid=CNnKzJms8IMDFcjtTAIdXwsEIg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2085&mt=video%2Fmp4&vs=1024x576&dm=6000&ple=1&umsem=0&event_name=first_play&asset_bytes=200757&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1cl~ff.1cx~videopreviewstarted.1cy&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCE3 0
20 B 44ms
44ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BBMpsHAiuZd3IK-70s8IPotKa-AYAAAAAOAHgBAI&bg=!QUKlQg3NAAa8BdJLnAU7ADQBe5WfOCD2fcs6LTSN23HE9MyRMTuSB1gI97DTmnVDFe8bJAFND4903ffJJ7tJ9LZk1b-TAgAAAHFSAAAAA2gBBwoAnUX1UKnQi2_wy6_6pVEr7YDWsmAHCua_Vjq_6LTWCB1lOLz-XYUgp3s6Db5XNR6aTY0Xm1TlSePw0GubBY4w921f1O6DF8rYHxhSQgX2KHbGb5bhNeJm1N3I8h1gkI9WZe1MqeU_BHWWmXT4ZGcJzeA-GeE2JZzbyZ3PjNcvqPHL81laL_e9X2hm_hDsWQN6YhNz7NmVEZJLBheSl-SZAtTMs9Zi2AtA2JYOdkb_-uzwD4Afsgeq9CIl_qw6fclUY65r1AbBNy_fes51amkN2OScbqjhqqjtpI_vXRiiiXV3aXb7QmMQBtKcL-mD7kanUt6pZcYx0kq1k70ssiHFgtQWAtgxUsRsdmTrC9kixQcfV8EmOYkJ-FuoKLia9ert7FhcUTpgE_i3XMILSJwdjLPy7XtbHU3b_7A0qqxqfTz1rjxDato5gXvsz7IxAXosPor9dDk1rgLKBX8gOew4d4RPUEdRQjFikeGZHTfjd_iUmtjerNXzDJYxJE8_tWlSUdybZaCtVfu_ivQ8Z2hP2nOwm4bNYIqe3Z4KJH4gv-n6cKP-qKUwq_Ca167AqaJ8qmSGzKuaMrbC4Lj1jdiIy-GONj1d8DHsh8skiQRWoaRlzwb3EktBsd1TWsFlRiDE2rZwMVL17G7zd1DngPOS7_DfogcC3yXFGEjXiFRcRt6WSMWtXNRKWQWcxokbM3P2lVPLprs3u-j3l4qOSUAZL-knkM3GvYGs9fQdUO6-mWlNbPXFCnpcJ1QlufYbxuz6lr28vEWFSENbozzBEOv_E9iVc7MW7_3ZQFXAnRT7vMZMenD1gZ6H5RFhLXNZ3KjzFQ4gQhgLKWHOVBFvv6E8OUmlI4IzI1Eb2eVqsyv0wVZBYZyyLFiky5Ktt0NSCPam5RRWJOrCkezyvGnutlzIs6yhdic72tUQWEb2qE7lgFGIVvp_kFBijSG-iRd6wNcnTf4BM6fCzB4DsO8vjsCfsGAqsSu5rcwUzSdnEkjRuZv1PulC2w1KzyxUfFAdEGdqYNgw4639oc4se6mZukWESIENnIfzRMn7F_if_Bz01R-juFyXDDKl5yxq-bBVbVOXimNAxJqgcam22ftmeZ9Vc-ncRdQ6lmGAuad3zF5ZrLadVkZsIT50UlOVtdLoGTDSqelBj2Bum7zO_AUbroIniKM-aovm

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1791ms
1791ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 06:15:58 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 520A 42 B
64 B 43ms
43ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7UXleC6AcPG88KqWMS868uXjyoiz5n7J6NlasamOL83a9fvar1v7XPXNXb957Lbxgc6cSAbegp9Z_uMo4Mg5tHUm2k4yx7KF5_i7LKZj1A7GdxPbdMAecMUQ2jfRLNJQXCxNtHNPEKm2c5jwGMJF11Y8n&sai=AMfl-YTsos1nzWHFAXIGnv1CoVZxY2LFzNM_FTBpDfqPNvhlEgBPoyjodJpTL8l_2In6wDCQrkDr_EjckKxfmSNK4_qhzPt10gEEUtmsm270K_cvJ2TPRuHXQ9bVTpTWkgu6MJU_Ua5GI8ZEqDjgS_89&sig=Cg0ArKJSzJbnHi8ArIuPEAE&cid=CAQSTgAvHhf_BLsXr_M1_rmpXKW2FHFkTwXUvZ5I8JOELggW2SUEzf0MACKZ2pDI8P4DvvgXyt432CzNR4SLzmGKv7a3VMk0gzInk-XpgFD1QxgB&id=lidar2&mcvt=1038&p=0,0,200,940&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1158759801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705904155309&rpt=846&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame F192 299 B
436 B 2ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df328cef68338f7%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&send=true&show_faces=false&width=450

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: 2hLAKdjED8/jitQ+nKv9a0Gcr9Zxt5GrKxtGOXf/YhisOxdob7svNaTek55LhvNhRNfaR9GNqqwnUPHpBySlvw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Jan 2025 18:05:18 GMT

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 1157 299 B
436 B 2ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5be75381aa8e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&container_width=940&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: 2hLAKdjED8/jitQ+nKv9a0Gcr9Zxt5GrKxtGOXf/YhisOxdob7svNaTek55LhvNhRNfaR9GNqqwnUPHpBySlvw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Jan 2025 18:05:18 GMT

GET
H3 200 M6wu7El2pZB.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yo/l/en_GB/ Frame F192 527 KB
136 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yo/l/en_GB/M6wu7El2pZB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ecbb4998de8f375692725b7d8cc8169a5d0ffc8e5e3d572c10fccc3bca5699ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: O6kETDPGaGbMbVFyFPTDDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139229
reporting-endpoints
x-fb-debug: IVmuvPqyIOfacg7fihz0c6iI0VKyk8ykRR1r6ccBhDPzheCoc7x1mxLBf7bMnMzl6RDNIDWpoSGFxeMVbGt0WA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jan 2025 00:35:55 GMT

GET
H3 200 M6wu7El2pZB.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yo/l/en_GB/ Frame 1157 527 KB
136 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yo/l/en_GB/M6wu7El2pZB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5be75381aa8e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&container_width=940&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ecbb4998de8f375692725b7d8cc8169a5d0ffc8e5e3d572c10fccc3bca5699ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: O6kETDPGaGbMbVFyFPTDDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139229
reporting-endpoints
x-fb-debug: IVmuvPqyIOfacg7fihz0c6iI0VKyk8ykRR1r6ccBhDPzheCoc7x1mxLBf7bMnMzl6RDNIDWpoSGFxeMVbGt0WA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jan 2025 00:35:55 GMT

GET
H3 200 adxx.php Show response
fundingchoicesmessages.google.com/f/AGSKWxXDK5j4e1Q5v0Drat8prF5hMir-v1SHFPldcmqVSI662rH6C_hrH3oaPkvBEy4Frrd2m9oDYoLMcB2jpS2XfcVedMLKYAANByg6R5yK4sTbXp5QIMuqa7yvU2OUTFdFwC1OU3TW1819sKmCdMZBAdctFnLze... 54 B
110 B 48ms
47ms Script
application/javascript 2404:6800:4004:826::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXDK5j4e1Q5v0Drat8prF5hMir-v1SHFPldcmqVSI662rH6C_hrH3oaPkvBEy4Frrd2m9oDYoLMcB2jpS2XfcVedMLKYAANByg6R5yK4sTbXp5QIMuqa7yvU2OUTFdFwC1OU3TW1819sKmCdMZBAdctFnLzedQ7xJqURx-ORQ_xPQurzG-UI3xpIjWC/__skyscraper160x600./ads_script-/ads/scriptinject./adtagtc./adxx.php?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.khJvDeFsmbQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMztJFSo2Ov8qj8gviHChneBqNo7ow/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1926e9988dae2b426f6ef3381762dbb43897e6c21a2d28953ddbaf05915667b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ztu0w-IK-clB7yn33CuBfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ztu0w-IK-clB7yn33CuBfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwOxq_gMVl8gnhI4g3UOELdEz2CdBMRO6TNYA4D4c-YM1t9ALMTDMXfCjrVsAh_29ixkBABRVlnd"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 3ms
3ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://payroll.my/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 03:02:55 GMT

GET
H3 200 Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame A8C5 721 B
532 B 3ms
3ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PXgZwd+47LIQZAIO7K6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 393
reporting-endpoints
x-fb-debug: 1Q+IGoJsy7yYFp8NiivmXcoXd845++fC8dV7daNtog89A2UjfvDu+2sjUJ9F0bLviFTPmAodDKWXWh/5CZAGcw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Thu, 16 Jan 2025 18:50:02 GMT

GET
H3 200 OkQEuDSv139.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame A8C5 110 KB
19 KB 6ms
4ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

077ba19da8900544b2adaca3f2da24093b15b172bdd262cb65dde9eb84f3188a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2DOqnFPPeWyHmYcrdmZmcg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18936
reporting-endpoints
x-fb-debug: cYJgAZGA1ZcFkaZYmk9TvJCSnihzxXM5eY9EPmEgmXxp7oaO/Yn+CNa8i+13p2CHuPo2FX2uQLIBOyoOU/eoOQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Fri, 17 Jan 2025 00:48:41 GMT

GET
H3 200 oZB9N6h5pPF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame A8C5 353 KB
91 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07e7fe2ae1f7a8b12a42abe3d98f965966c1b8f505d3b4b2c951ed072bc3bca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xo4X8+9CY4R/JniO37MSig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93331
reporting-endpoints
x-fb-debug: Em5eTNH7/0aR+eIy1EQjjiLmQdusDke4RS/eUDfnhOQdxYkAaSwFp80Tei+L2pYL767KxSlmX+smHZ0PAGnZ5Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 17 Jan 2025 23:58:00 GMT

GET
H3 200 oF7Xe3ynEK-.js Show response
static.xx.fbcdn.net/rsrc.php/v3ij9m4/yc/l/en_GB/ Frame A8C5 149 KB
42 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ij9m4/yc/l/en_GB/oF7Xe3ynEK-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8caac5030a150ddd4ef06d1c50d074294ff5267a749734bfa1fd54f5b52a9cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aQ+IJcdOmwqaQ9985lK6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42794
reporting-endpoints
x-fb-debug: I9XttkAWEFiUD08BtAScLxr/+A+zKj89fbMi3+cgzGEIT+3mg3iKlo6ddlzj+mK8MKzfymz6nLIIaHjjm7pNhQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 16 Jan 2025 19:59:22 GMT

GET
H3 200 WUdcLkNMaes.js Show response
static.xx.fbcdn.net/rsrc.php/v3iMWt4/yX/l/en_GB/ Frame A8C5 1 MB
282 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iMWt4/yX/l/en_GB/WUdcLkNMaes.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6db09329554af8189853df3469063ac1b7720675ebe7e97f00a5d1ddd94213be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2pAVIMBNChSe32QXtKMzqw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 288901
reporting-endpoints
x-fb-debug: SOlBxOrCz4wOndqqv3RJMUjDLgMmlxvitqgEiHila6TeuXmdFkO9S1e8hMVcCasEEv2lxk8nyzBFodEmXA/7xg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 17 Jan 2025 03:35:16 GMT

GET
H3 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame A8C5 507 B
431 B 16ms
15ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: Wzq64HvgUAtykolCIixeTiXHAanz7CmaimEWET88pQbATWcIR/jzsoXK/2R6TSgaxk48RIkD3SdmtJHACFx4qQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 09 Jan 2025 18:51:12 GMT

GET
H3 200 UJXYgemRRzw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame A8C5 32 KB
10 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/UJXYgemRRzw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50ee3d45d8548f00dafb5e53efa12a3d1b4206695f070f141a0e331b8fece453

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cOPHLCh2gOQj620M1pJW+w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9833
reporting-endpoints
x-fb-debug: D0EFGrasomn8I34hAM4RNS7SbBn+nymhxFw0/k/4T32s4YnJnQI9f6ZgVvH8cldpNEJ4amJKXKzSI0TDxW0/iw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 16 Jan 2025 18:28:49 GMT

GET
H3 200 A26OeqL15Mp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame A8C5 58 KB
16 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/A26OeqL15Mp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hAHu/efVQlxvbPr8YcLnNg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16011
reporting-endpoints
x-fb-debug: zQVHWlw598jXMb1FqJlYEod7M7FeSbCpuG2KKfUoFOl5DVebRBZXw7yyAYT/1NwlckdWCaBl3t5rkbUXuE7a9Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 16 Jan 2025 22:29:32 GMT

GET
H3 200 5GNyB6TDiVZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCwx4/yU/l/en_GB/ Frame A8C5 44 KB
13 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/yU/l/en_GB/5GNyB6TDiVZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e486b72c643803b3be1e9831107d7e5eb6c2d4b92c5ed2db34be933ef118513

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 35nEkQrciWmxhRqQ2fGYHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13333
reporting-endpoints
x-fb-debug: szupOJd/NuWZqvsgzQ4OJhtaIZfM+KScueHVw0bLT0j8+3nGw0CJ6StRmeCirl92yVVMyXkRmRmUnlqlW2K/6w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 17 Jan 2025 15:13:34 GMT

GET
H3 200 z31ngGZdhnV.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame A8C5 665 B
508 B 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/z31ngGZdhnV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/oZB9N6h5pPF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1eb9264bcee3a8ac6aff4bd3e5b872536229538f6e48146129d01383c5fb5b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: g6wzwjk4vfMcvcTMM+9FCg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 364
reporting-endpoints
x-fb-debug: ox3XYgj0wNPv7GT7E0ZfSwO/FW4/44sPfrBZfyPTGWtDFgFV9ldKyZg5S28Le+rG+UR83RL2EpQz4MPP8l6l7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sat, 18 Jan 2025 17:46:38 GMT

GET
H3 200 JZUNEvdo8io.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame A8C5 57 KB
57 KB 4ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/JZUNEvdo8io.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b55a9e4a8ee877aedcffb5e76f6d1fded8260177ae8f72b5bbc3cde8a7ddcd10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/OkQEuDSv139.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
content-md5: 8KvuQoZujxOjzxw3/WYnxQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58367
reporting-endpoints
x-fb-debug: oeDJkU0bS+N12ezq0HHonjyG7x4vM6xEGUnC2JDJOW6NVGvkg14W90tKtO2+9P1N6CXau1T+sCUWG5TgWNuSzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Jan 2025 18:26:46 GMT

GET
H3 200 1f642.png
static.xx.fbcdn.net/images/emoji.php/v9/t4c/1/16/ Frame A8C5 480 B
620 B 4ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/images/emoji.php/v9/t4c/1/16/1f642.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

790febcf2123f481b536e9443d1843fb4fca516886c4df9ebbaa45c6c2e1f393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
content-md5: vVk4MGJSkMeB6vn2kaVICg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 480
reporting-endpoints
x-fb-debug: iBRtlLDRGn+V6U79p6h2JHEPXwlNYhkFy+DNuXysdriFzH/Qt4wSHS0hIXHgctvNhUzFiZCFP5L2q3PEfId8KA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy: same-origin
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jan 2025 17:30:48 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame A8C5 1 KB
1 KB 3ms
2ms Image
image/jpeg 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1131
reporting-endpoints
x-fb-debug: BGvO1i2WWu398O05cjKdcwwc1KwuQ/G6DBTqL7rjUSl+lt8bsHPYT8y8X9QsnBtxq/h2LZV7bLPt31uxLOtrbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Jan 2025 20:07:29 GMT

GET
H2 200 273207473_5198501090173466_8522824303781114115_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame A8C5 2 KB
2 KB 13ms
9ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/273207473_5198501090173466_8522824303781114115_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=101&ccb=1-7&_nc_sid=4da83f&_nc_ohc=LWHKzs6dY3UAX-b2HYN&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfBmPtBcRq6WoHWse1dlSZyAOQ9gWacV5tC_daYP4-ASjQ&oe=65B2FD4C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c850c10aa4899bd4a2eaeb737f7b0b13391809f99ec5501b4fe6594509ab7eb5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 06 Feb 2022 13:17:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3524601283
thrift_fmhk: GBBw3+hapFozQ16zx/vThukeFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1821189236
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1601

GET
H2 200 246954853_10158496686154632_7425325893956703944_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame A8C5 2 KB
2 KB 7ms
4ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/246954853_10158496686154632_7425325893956703944_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=104&ccb=1-7&_nc_sid=4da83f&_nc_ohc=03qLkefiYjYAX_QChFQ&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfDarEPlH3YSTPeCRUR8klvGyfnZ7PXzIcTopdSQx7ed_Q&oe=65B25A08
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 59bcd53a08e399ecdfad42ab10c8b6f15abdd14e9192e4024a364e3d4d4534ef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 18 Oct 2021 09:46:19 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1947876079
thrift_fmhk: GBBXtjoUmz6MEo1LilTmBWDhFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3549813919
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1679

GET
H2 200 186548103_10159375368209169_2306796077581157640_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t1.6435-1/ Frame A8C5 1 KB
2 KB 10ms
7ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t1.6435-1/186548103_10159375368209169_2306796077581157640_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-7&_nc_sid=db1b99&_nc_ohc=_aDLpYnDo3kAX9s8KGZ&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfDHh3SXMOaInd0Q3gB1evTlZRvGLdFB_eGAUDmBphb7pg&oe=65D56CCA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bd5cbd1afe7b610fb0120c840d5a541ee4e7bbe805ee9c2d4076c892bc6ceef9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 29 May 2021 02:58:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1816590399
thrift_fmhk: GBASZOxJ3CaKMXph4A8S/CJDFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1019122139
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1526

GET
H2 200 310008250_10160143016892378_602186734096505455_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame A8C5 2 KB
2 KB 11ms
8ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/310008250_10160143016892378_602186734096505455_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-7&_nc_sid=4da83f&_nc_ohc=CaSa2Q1nfKAAX8JfoT4&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfBsqqy-jKdi2hpwMYXQaoYFsoICELdY0OIRd7TibzlgIQ&oe=65B210FD
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 266154824b044285a2fc31bad08e73f485515a890ace7743640cb220f42256a8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 11 Oct 2022 09:21:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1839074267
thrift_fmhk: GBCfrU973UWkNjqkgiKl/2W/FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1155586608
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1555

GET
H2 200 401659875_6703213746413504_5641985060773046276_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame A8C5 2 KB
2 KB 8ms
5ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/401659875_6703213746413504_5641985060773046276_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=106&ccb=1-7&_nc_sid=4da83f&_nc_ohc=7DsiIqTeMYwAX9D-aTT&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfB_-bZtCGYpdZQPKkZpXPA3XUiOpFai1WfBUCyp-a8p7w&oe=65B39D95
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 381db1a47335dd5b5f982729cb57029d9a57f730f52a367e4f36bcb14941bfcb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 15 Nov 2023 11:13:50 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2823826224
thrift_fmhk: GBABR/DqRA4KIJalr71s/DBYFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4291900955
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1623

GET
H2 200 321228303_730425441764111_2363840280933130731_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame A8C5 1 KB
2 KB 9ms
6ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/321228303_730425441764111_2363840280933130731_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-7&_nc_sid=4da83f&_nc_ohc=gfDHVwEyd1IAX_S0kF_&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfAwVf5-kZMwkn-DS70bhQKR9JGVe7PgK5pUEqjYX-oSRg&oe=65B2F576
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 06959a8e30d493fef9b942cf5403afcca1bc79b86332325f2b747d3c5dd9f10e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 22 Dec 2022 13:20:42 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2601442055
thrift_fmhk: GBAo/y7lsI81nkNOdRgz2xg0FfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3687345651
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1446

GET
H2 200 394818938_197267666748544_1748955313559246358_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame A8C5 1 KB
1 KB 9ms
6ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/394818938_197267666748544_1748955313559246358_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=EmGlNNcu5S0AX-tKPLy&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfDC-jxRLAz6zGWekehgtuR-800kZiTEilFs74uGZWCJKw&oe=65B25B77
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 865d3da6231f7d506bf80e21590eacdf83ed8c4b4c0af4b09f3d8ffb4eebf72e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 23 Oct 2023 08:55:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2737062699
thrift_fmhk: GBD48lgX0M80BoVy4t00FlA2FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4018794760
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1167

GET
H2 200 556063_4219491719371_158334285_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t1.18169-1/ Frame A8C5 1 KB
2 KB 8ms
6ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t1.18169-1/556063_4219491719371_158334285_n.jpg?stp=c4.4.48.48a_cp0_dst-jpg_p56x56&_nc_cat=107&ccb=1-7&_nc_sid=db1b99&_nc_ohc=7RKPcHvyiXAAX8gnieA&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfBNy6lLPt5bUFRyCfjXVnXhrLa6bO30RHdzqRTzTkKyqg&oe=65D56B26
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1f867034080df98f2ff4dc99888eb5cdc3ed1214466315f22a476c7e03bd2203

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 03 Oct 2012 00:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2025174364
thrift_fmhk: GBDeYufqZz+YzSYgvz6I7RC0FfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2460155509
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1425

GET
H2 200 45846957_10216243081863652_7994321197544243200_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t1.6435-1/ Frame A8C5 2 KB
2 KB 8ms
6ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t1.6435-1/45846957_10216243081863652_7994321197544243200_n.jpg?stp=c0.160.754.754a_cp0_dst-jpg_s48x48&_nc_cat=105&ccb=1-7&_nc_sid=db1b99&_nc_ohc=x3Wc1SiQ_sUAX9gAZ4L&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfBes177pdfi9bu9VGARtD2k7Skb4Yqkl9Vb7yHGE9gffQ&oe=65D58945
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: aa857b6dc0c9fbba5f9aefc95bb6106a4e97963138d73bba0f74f692b9ab2724

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 09 Nov 2018 15:09:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3868211856
thrift_fmhk: GBC/06K4YbUawHo5dHFqizMjFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1714544349
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1660

GET
H2 200 210304794_4439606292756919_6267894195583289308_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t1.6435-1/ Frame A8C5 1 KB
1 KB 11ms
8ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t1.6435-1/210304794_4439606292756919_6267894195583289308_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-7&_nc_sid=db1b99&_nc_ohc=y62UN9vGKOYAX-jG0NS&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfBSsnMw8BqBwmZcBv4M_JDKD3_NFePh380vN8SWDq4MKw&oe=65D58FC3
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 711c690368186e368be2d73093ca8fc9f416544e22e588e234fd434a80d5585e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 03 Jul 2021 09:05:55 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=562266521
thrift_fmhk: GBB3LUqJsJyvWMy/xNHqn5DnFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4141308268
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1299

GET
H2 200 22310168_1502661979803070_6762648421143474675_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t1.18169-1/ Frame A8C5 1 KB
2 KB 8ms
6ms Image
image/jpeg 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t1.18169-1/22310168_1502661979803070_6762648421143474675_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=102&ccb=1-7&_nc_sid=db1b99&_nc_ohc=ex_BYRb55OEAX-3OQCf&_nc_ht=scontent-nrt1-2.xx&edm=AJqh0Q8EAAAA&oh=00_AfALpnKSjsWheazKe3wyrqL4Pg1CzyQgtFOoPkSAWnV3aA&oe=65D57B73
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f1521c71925e4%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&color_scheme=light&container_width=0&height=100&href=http%3A%2F%2Fpayroll.my%2F&locale=en_GB&sdk=joey&skin=light&width=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1a745f40d06d542b3ef0542269eaa7195f26b13580896a62c18024e3101e53ad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:57 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 15 Oct 2017 14:06:17 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2095825023
thrift_fmhk: GBDGx6lqNNiU87qtQCr2rZPlFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1716786182
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1420

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E26 42 B
64 B 41ms
40ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYUl1Rfs_KU8YBKzxatKv1Qpk5GQQi_uQGM3hHrRKmu_krjSPdvKjSEByt2i6usjhrv66XbSXCbU1H03Pu-MxP8Xsb7KkF9ohWTyo9sUWZpbNTLXcb3rJPgqai7GzWr-p15EAKYKxAnJGNtYpytPnraUab&sai=AMfl-YRd_kWnbbCDL29PvI-4ziLXSVtCr0ERwF5qALYuNxPZgwsvdezv-wxdUkUvzg8cXS922Qw-TNbE6KW6lu9whvOzz55NeP8RvTLZ1zxt4FC92PkWv78tbhnJxMR_-cUIQE-sqLFS2Z0qMzFrHWg3&sig=Cg0ArKJSzLQMZHQUxxjmEAE&cid=CAQSTgAvHhf_NBnu1R8t5n3dZ6FpTxqHd7lAkWKpKA6i3OKrwC4sDp5TWeozw2B5EToXjvVyGV3Ta8PZhBMsSbkeJ_a5qCmz-vg7asAAjSgskxgB&id=lidar2&mcvt=1048&p=0,0,250,300&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2266820169&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705904155318&rpt=1294&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST bz
www.facebook.com/ajax/ Frame 1157 0
0

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame FD6E 51 KB
16 KB 191ms
191ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dfe0b54ef365c%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=a6e975499c833b9ae625f1934334aa32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0b572062953add6fe4461f10b080fba60a7e3d2fd5c8133e0ce062c636dc902

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:57 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: I2BydEHQ5XOGfGMvCPJikynF44jsO5aebF4qnX6TcP9j79H8tkv8VZ/wIfOOeK0p+6+xiqJ2dJcOcKM8EVTG/A==
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C53B 42 B
64 B 43ms
43ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIYsMbneanvul2GeD0aSuOBBU8G8n5PIDE9bCWPpNK6S9UGo1MQ8bNicQvZTOYsH0ehr1pTZlYweyDHxBtxbRnyA5gKxqlVOuCXxa-j9CYv-CgyI3g_zVM1NMDLMdcUfC6tHTMbqYz3QYgmvtXI8U2vOqg&sai=AMfl-YQEI292GSlSRPVco0Jeh927bqxUJgtVBYxrnD_x1Y2wwZLDSpyHOqjO1uzRTPCNb5k1wbQ6YDtAlvgwHvRI2XdbJNAlz0Hh-ZT10FeDi695fMAKOHZwHwcV476nyVFxbsz3tLXfJPhi4Da9bax2Hg&sig=Cg0ArKJSzBC4EUhoxrDvEAE&cid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705904156269&rpt=265&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A4B9 42 B
64 B 43ms
43ms Fetch
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOK-fPpEdkVPF-s0tV5rZuox4lPRNrHhzKrzKnghgpFCI70ArK7kiL4VefHmBiaO9_-Ay1SctzywvHxWd2kzwZkZJIRs9FCe4OsFJMTYvECtgKXoF5xvgFCXl2bPqgj6lsxCFRq-l_Ed0w9Df-ZqKtsOzd&sai=AMfl-YQav8aLkRmqpYB3zUbyA8GpljuWzKhEeYj1873kgEZF3AeKEE1Mnx92DYab4UC9yMijWIvAcw9faxmwDTC1cvG05I7spBDrFsOeup_CtMmf1nH40lXnATnZi4xm_Hwdtvhql3PuW1xQIvc2z3nVmQ&sig=Cg0ArKJSzD-L9kH5vzpSEAE&cid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705904156267&rpt=240&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 332C 0
54 B 195ms
194ms Ping
image/gif 2404:6800:4009:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lrojaft4&c=5535804551258&slotId=2767902275629&qqid=CNnKzJms8IMDFcjtTAIdXwsEIg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2085&mt=video%2Fmp4&vs=1024x576&dm=6000&met.4=vfl.1cz&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:800::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame FD6E 299 B
436 B 2ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dfe0b54ef365c%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: 2hLAKdjED8/jitQ+nKv9a0Gcr9Zxt5GrKxtGOXf/YhisOxdob7svNaTek55LhvNhRNfaR9GNqqwnUPHpBySlvw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Jan 2025 18:05:18 GMT

GET
H3 200 M6wu7El2pZB.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yo/l/en_GB/ Frame FD6E 527 KB
136 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yo/l/en_GB/M6wu7El2pZB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dfe0b54ef365c%26domain%3Dpayroll.my%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpayroll.my%252Ffc0fa9966f0f5%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fpayroll.my%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ecbb4998de8f375692725b7d8cc8169a5d0ffc8e5e3d572c10fccc3bca5699ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 22 Jan 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: O6kETDPGaGbMbVFyFPTDDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139229
reporting-endpoints
x-fb-debug: IVmuvPqyIOfacg7fihz0c6iI0VKyk8ykRR1r6ccBhDPzheCoc7x1mxLBf7bMnMzl6RDNIDWpoSGFxeMVbGt0WA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jan 2025 00:35:55 GMT

GET
H2 200 dc_oe=ChMI3cagmqzwgwMVbvpMAh0iqQZvEAAYACDlqbFjOhoIwYOQ3QUQ7Y3EhcAEGKeMr-QDIMWr69GaEkITCNnKzJms8IMDFcjtTAIdXwsEIg;dc_rmcid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzF...
ade.googlesyndication.com/ddm/activity/ Frame 332C 42 B
107 B 39ms
38ms Image
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3cagmqzwgwMVbvpMAh0iqQZvEAAYACDlqbFjOhoIwYOQ3QUQ7Y3EhcAEGKeMr-QDIMWr69GaEkITCNnKzJms8IMDFcjtTAIdXwsEIg;dc_rmcid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ;eps=CIBhEAEYHzICigI6BIBAgEBIvf3BOljXpsyZrPCDAw;met=1;acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D1361,0,0,0,0%26mtos%3D1361,1361,1361,1361,1361%26amtos%3D0,0,0,0,0%26mcvt%3D1361%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1523%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D201%26dur%3D6016%26vmtime%3D1539%26dvs%3D1361%26dfvs%3D1361%26dvpt%3D1523%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1361,1361,1361,1361,1361%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D293357597%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1361;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1705904157052;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 332C 42 B
64 B 44ms
44ms Image
image/gif 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ce_o2GwiuZZnRFMjbs8IP35aQkAKYmvi6dcWr69GaEvzEotDkAhABIMOm5R1gifPFhPQToAHEjPrIKsgBBagDAcgDmwSqBPsBT9AMnh-vZ8dprM1KIIpyQABkYfiaRMiAzzOAjSKNDlkmjSbV6q8MT5204rCNSPcNyq1MlC-cmJkPRqAJeOFG3usv4YB960EsURHEEBZLE1uYFJYh3IjIxBxJRu6cYfZHvrxBYNOSVY46jSzyvwpypvHySSGvn-GdE0mtS-j49J9RCWUGKbtlZKHExr4s55DT8ZFjsTgwB1q3nWr_h-JIKT7G-tHxDQl7se-83CULWLooC01n2C6JlBUiawU1FHf-zRh1UiEwHy5mGmNJ-AlWK9Re1i8mvYt7EeTkqpuZml9yWxLRfT0qsZJ7iEHpAt5COpbJe-4H9B5WChvABO2NxIXABOAEA4gFvO_jhU6QBgGgBnaAB8TEyqgFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY16bMmazwgwOACgHICwHgCwGADAGiDAgqBgoErLqxAqoNAkpQsBPz3K0WyBOnjK_kA9ATANgTCogUA9gUAdAVAfgWAYAXAegXBQ&sigh=sEMiR1DjKVU&label=videoplaytime25&ad_mt=1540&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D1361,0,0,0,0%26mtos%3D1361,1361,1361,1361,1361%26amtos%3D0,0,0,0,0%26mcvt%3D1361%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1523%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D201%26dur%3D6016%26vmtime%3D1539%26dvs%3D1361%26dfvs%3D1361%26dvpt%3D1523%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1361,1361,1361,1361,1361%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D293357597%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1361&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1705904157052

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9144 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 175517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 05:30:42 GMT
expires: Sun, 19 Jan 2025 05:30:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C80A 829 B
558 B 44ms
43ms Document
text/html 2404:6800:4004:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:828::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ecb6cabdb755a68df180d89d42b0e8b951db9d21c43f475e919d2e1e575d0f87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--0HmQC2KFijjh6mLiQhyqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payroll.my/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--0HmQC2KFijjh6mLiQhyqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 06:15:59 GMT
expires: Mon, 22 Jan 2024 06:15:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9144 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 05:18:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C80A 0
0 38ms
38ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=2777102490801278&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9144 0
10 B 1ms
1ms Image
text/plain 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rOKZyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 06:15:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 332C 42 B
64 B 41ms
41ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD6teTnC9I3C1dcUJI5nEp1ghj-porvcm4DXH5ju8p3ryeH09RXMfFRKGCAz6LdKU6XuP6YwniC5Y3LhmNTbkvGol7Z-vIb6tK0AXA8waukNt6VQs-Rxz0d8C3lPYkvcTW6vIn4s9vuU9SyYO6PRT4NhWJ&sai=AMfl-YRyyeiRLFtju7zLUs1MtnfSA8s9XbRfm5yt9OxfmFITcpO7_PbRfgZl8X_2mIsnrtUlgWOHa9Yo_ikhmUs4e5x5c_w77wq-5eUqqLeNF_MrK5d2_SMoa9VdGCLZLSPSrYGIZ4isvBLnFBT8kfLopg&sig=Cg0ArKJSzBwY24a3gMZAEAE&cid=CAQSTwAvHhf_vqQSniQipeusdf0sMiPxqDmj3-UjpaRzuNqcw4gdRQv7-dMEPeGoeM9NodcskzFKYeLJxNXWYILUZwgtUX1gEOGQbJTISUqFX_oYAQ&id=lidarv&acvw=sv%3D960%26v%3D20240117%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,164,119,373%26tos%3D2162,0,0,0,0%26mtos%3D2162,2162,2162,2162,2162%26amtos%3D0,0,0,0,0%26mcvt%3D2162%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2324%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D6016%26vmtime%3D2341%26dtos%3D2162%26dtoss%3D1%26dvs%3D801%26dfvs%3D801%26dvpt%3D801%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777217%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D293357597%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2162&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1705904157052

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 06:15:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7Te4/yt/l/zh_CN/2aTNZvh7Dni.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/uwgVV4_bDB1.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/50qsPPr-_ZN.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/i4NEvnb2_YI.js?_nc_x=Ij3Wp8lg5Kz

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE4C1Vwooa81VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w5Kw&__hs=19744.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7326802551735995901&__req=3&__rev=1010934254&__s=%3A%3Atdijif&__sp=1&__user=0&dpr=1&jazoest=21954&lsd=uhN5IPOEdXvKrid86Dgfwc

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WnFwLBwqo98nwgU29zEdEc83WwvE3vx60Vo1upE4W0OE2Wwio7C0yE460qe4o5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq0NE&__hs=19744.BP%3Aplugin_like_pkg.2.0..0.0&__hsi=7326802566337436175&__req=1&__rev=1010934254&__s=%3A%3Af4o86k&__sp=1&__user=0&dpr=1&jazoest=21732&locale=en_GB&lsd=nE0PZCVR8K8lqG3XfJeKQ1

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payroll.my/	1969-12-31 23:59:59	Name: 17ed6ad1f789ae24085d565573772777 Value: 0ufl2n2e199dqv5jlndqr1gchk
.payroll.my/	1970-01-21 03:27:44	Name: sc_is_visitor_unique Value: rx8319737.1705904155.899E667D735A4FC2EEA8EEB0C1F98257.1.1.1.1.1.1.1.1.1
.payroll.my/	1970-01-21 03:27:44	Name: _ga_G85EWVDPZ3 Value: GS1.1.1705904155.1.0.1705904155.0.0.0
.payroll.my/	1970-01-21 03:27:44	Name: _ga Value: GA1.2.1833848810.1705904155
.payroll.my/	1970-01-20 17:53:10	Name: _gid Value: GA1.2.162018108.1705904155
.payroll.my/	1970-01-20 17:51:44	Name: _gat_gtag_UA_99577156_2 Value: 1
.statcounter.com/	1970-01-21 03:27:44	Name: is_unique Value: sc8319737.1705904155.0
.payroll.my/	1970-01-21 03:13:20	Name: __gads Value: ID=686571f1f9ed0ba7:T=1705904155:RT=1705904155:S=ALNI_MaAvmbr8IDASshYo88JpH__MJ0slg
.payroll.my/	1970-01-21 03:13:20	Name: __gpi Value: UID=00000cecdd30ae07:T=1705904155:RT=1705904155:S=ALNI_MZOVtZW6gDg0PdvHqyd28I4TY5AAg
.doubleclick.net/	1970-01-21 03:27:44	Name: IDE Value: AHWqTUlTWrUKPnGfcVrcT7Qk_FnpjVN5cGvQ6QDh8PBmJJIW1ZeWOB4hLmuy_Mns8EA
.googleadservices.com/	1970-01-20 20:01:20	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:51:47	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:10:56	Name: APC Value: AfxxVi4fWx0GYMstXpETkp4uvQYPwbIH9vKpg4iCpGdh7rIJt_4vzg
.send.microad.jp/	1970-01-20 20:01:20	Name: TR Value: 98a9387c4d6b49a7e6b64e5b32742ee024b724f4cc097e06

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://payroll.my/(Line 671) Message: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
bid.g.doubleclick.net
c.statcounter.com
cdn.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
payroll.my
r1---sn-oguesn6r.c.2mdn.net
s-cs.send.microad.jp
scontent-nrt1-2.xx.fbcdn.net
static.xx.fbcdn.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
static.xx.fbcdn.net
www.facebook.com
104.20.94.138
13.113.144.31
142.250.196.98
142.250.207.2
142.251.170.155
142.251.222.6
142.251.42.130
202.233.84.8
216.58.220.98
2404:6800:4004:2e::6
2404:6800:4004:810::2002
2404:6800:4004:818::2002
2404:6800:4004:818::200a
2404:6800:4004:821::2003
2404:6800:4004:821::200e
2404:6800:4004:823::2002
2404:6800:4004:823::2003
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:825::2001
2404:6800:4004:826::200e
2404:6800:4004:828::2004
2404:6800:4009:800::2003
2404:6800:400a:80e::200e
2600:140b:a00:e::b81d:8ccb
2606:4700::6811:180e
2a03:2880:f00f:104:face:b00c:0:3
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
0329e75b7b64bce4146972dc5ba6e48b9ccd12aaad76f85c2351fbd977bea0ce
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
06959a8e30d493fef9b942cf5403afcca1bc79b86332325f2b747d3c5dd9f10e
077ba19da8900544b2adaca3f2da24093b15b172bdd262cb65dde9eb84f3188a
07e7fe2ae1f7a8b12a42abe3d98f965966c1b8f505d3b4b2c951ed072bc3bca7
09220d95a594d96edb7b812467cb4c048aca524c1876a229930879e64b28148b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e486b72c643803b3be1e9831107d7e5eb6c2d4b92c5ed2db34be933ef118513
143b315d7a4c819f34887d2b9c219823e84ce7210e8ede4e39799fc4a5919cbe
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
16905e9423a4f287012b36a15448072274b418b8b4198285989c126bea2db3dd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19842629ea545940c96b2bb76adf57676c7d4e1cb9f73c1574df82fb739e2379
1a745f40d06d542b3ef0542269eaa7195f26b13580896a62c18024e3101e53ad
1c7d3d820a7b76c6eb18b1936c2740e67e315da1890df8506f1a3df5a1e20538
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1eb9264bcee3a8ac6aff4bd3e5b872536229538f6e48146129d01383c5fb5b33
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f867034080df98f2ff4dc99888eb5cdc3ed1214466315f22a476c7e03bd2203
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
23f07b187439b7d1b17ded0d3bc1a1aeaa3724814c3a16a9df48c47057011adc
251cee97d19f564c2a623c16d2275a83f86c69a0946d97ad5ef563fb76524e22
266154824b044285a2fc31bad08e73f485515a890ace7743640cb220f42256a8
26876252a63eae3885b544ac4b5733fb349b3f41b509f1cdd0acd7c6ba2a2a57
282ec3875e7d2977770c63bdd9d7c2f3242dd887c20dc3592358d195521dacce
29661f75cf859eed6d3825705712429caf06e3e25d62a216e21321155ed5cb68
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
301fcbadcd8d48f386ea83daac2d8a2d39a42a3dd89a12f0ca10afe602e1aa54
308886ca4f251f5ad80bdf12303688d79ccb7bc74568e23ac1c5c3675e664211
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d5d20ba867e9d763b937c3bd7784b90eb2ddb7e5dac6f41689b21e3dcae966
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
3717fa6d66b60a45c53b1d440a79627d0f7d39923aa1afabb5bace7affe35b78
381db1a47335dd5b5f982729cb57029d9a57f730f52a367e4f36bcb14941bfcb
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
40da6cb2d356e4c6dda3d664e68dd179d9eb94519e720e0c1eb32a65cb1f1bb4
40e27355a751396e2b846297734bbcfb05659a492fc8fdd7d3e55016e1830ef7
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
43be5a3181a17e89330922c0015fd9cb33d5b4a5311e20f756dbe964e685c133
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ffd352b6f797ddae9438a3151b6b97905fa8ea0c6b9933c0ada7bccc8a59d13
50ee3d45d8548f00dafb5e53efa12a3d1b4206695f070f141a0e331b8fece453
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5962ad278b639c518fbfb6d08d6309e4e0f578a97543225a80a834f844ef3838
59bcd53a08e399ecdfad42ab10c8b6f15abdd14e9192e4024a364e3d4d4534ef
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d399bcd50e595112a3c3342889765359e5dba919dc738aa559e826aec89b31c
6149b525213ae7e66e56e7423f7347bf83fd129e619bbe2511c9fd5bfead7a7f
61ad781f947c847a3a6f5c42919cd5f3037691a13f00785614cf9606ed549446
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e8c9e046af76840b75cca06fe1753909d12c83a4ca22875ace675350be7a90
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
65804b809ce9d53092777cbf8a7bc720b5390e00466a8d90087b8ecf56c5f9ef
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db09329554af8189853df3469063ac1b7720675ebe7e97f00a5d1ddd94213be
7010799d0a3f9b84922aafda3957995808a3833d409c10dbb830321fb337236d
711c690368186e368be2d73093ca8fc9f416544e22e588e234fd434a80d5585e
75264df0baccdd42f82d96b3ff6a4ef143fb5b6e55daa7c4a3c50bf39a030b26
779249965fcc56df5ccc2c89293a582fbea63f785bc4041c878106b01b725dcb
790febcf2123f481b536e9443d1843fb4fca516886c4df9ebbaa45c6c2e1f393
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7b26c692500dd71cbd9b8d7e801152aa89394511bbe0e191f79aedef0951564b
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
8423e1e6dfea648f227c06c9a586ed64f9127c4de599822d4a368b7959adeabe
865d3da6231f7d506bf80e21590eacdf83ed8c4b4c0af4b09f3d8ffb4eebf72e
8847827b0072d169b434c10bf2b166f970da12646b4055f96002fb7a602e98d2
8caac5030a150ddd4ef06d1c50d074294ff5267a749734bfa1fd54f5b52a9cda
8d119493a1b55839c538f36e05cedc46e3f9feff8dcd315d09bb9916af903596
8ff4461306779ec2f103a21763b273970794a60eb5f5bbd123c7ade375bae30f
90f4d1b812922f4a71c96f078c1e591834c698470e515d46703c3926bde52261
95a68293f4eaeea95cb1871b459f87512346461cfbceb78b224807870dbe8ee3
96891b723a18b09f9110bb8467390aeb69fc82fa86b6afa4b377755badaa5d29
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9a0b5cc4632c4d0bf462cac4dd58a334354b44559581d7917cfeb6cece852cc7
9c4c1e27814ed4782e7d143039ca77667b57a9f0fce1309428405448b586863d
9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
aa857b6dc0c9fbba5f9aefc95bb6106a4e97963138d73bba0f74f692b9ab2724
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac0113db18b2bf86355b310ef7859c3eb6389566e288422497392ea8ff37eaf0
adb46ac9c7af42dca53b0071bfecfde1734eeab3677491d09cf1351bc0df23cf
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18
b1898dec8b11ba6eb0911e1edd6a47be321a8d16639e1b936dccaa0fba1ee364
b196b41f2a34d49aa298a9c4bf1031e8c6358a40c35bc6c5503792cb11349f9b
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2
b3a0912761370b7e042bb5bbc6fcbcc68887411f574aac2c56e166318eb7d8e5
b4d8abdcf8e148f33cf3d6b7430b7818c20bfce52795a31e74646d5896520ddb
b55a9e4a8ee877aedcffb5e76f6d1fded8260177ae8f72b5bbc3cde8a7ddcd10
b974952bf7f36341bc551f75e16d0bc88c270367d06125a7fe1a38bf24f88165
baf3f2350fccc484cf827c427779f63e3ab4c6a1ccebf7a25ac0f2a3c44159a8
bb0d7bdcac2da7402e126ad96a388ce507fa972b741323a5a40ea65df2076b8d
bd5cbd1afe7b610fb0120c840d5a541ee4e7bbe805ee9c2d4076c892bc6ceef9
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c3c96cceafde14a4669c2114ee0d10bce6ec0163064151a98824a2575d97eaf7
c850c10aa4899bd4a2eaeb737f7b0b13391809f99ec5501b4fe6594509ab7eb5
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893
cac134aca5d573ff54447519d5cb7ccb10e4be05e58ab04d1c823e9ca05de0b2
ccd1e09968dc4c7a4cf1c611af01c28f68b41dddd89e05ec265c250a6f665a59
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d0b572062953add6fe4461f10b080fba60a7e3d2fd5c8133e0ce062c636dc902
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d6cddb0acb8765d10d69cd416b80ae7c8a9cb35333f4569c4aac932c2e396ea9
d789be01c0926c65d6292504bf619e31af7bc336968b31f8a05103cd97adfb9a
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d8254941c31678787346d958d0efcded555e6cdf43c9d30b581f77cf9ae9f0bd
da9912d4e908e3788e753fe3583a9063c0b65049f82d366fe871f03368f7ce10
ddcebbf00b80631b39d8dc4c2a851f64ee7697506d6f0ffe0b0987f79247059a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e051fef31344075839c3aa3aa1d4adbdfabd0776172f6ba7415ab03178190eb3
e1926e9988dae2b426f6ef3381762dbb43897e6c21a2d28953ddbaf05915667b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dfe31c9a1176ec6dd88c64bbba94cd47d42f31d37ae6f2c35539d5b0b81f6e
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ec96d7051927b6a102f7dff9823c63a01772ceed56b23c31b4c8f8b60a2069ad
ecb6cabdb755a68df180d89d42b0e8b951db9d21c43f475e919d2e1e575d0f87
ecbb4998de8f375692725b7d8cc8169a5d0ffc8e5e3d572c10fccc3bca5699ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3
f0af3531d89b1b38f38dc7fa5c28bc4884e43eddad626dfd3133143948455f7d
f3d139de4c81d0a9c52d11ee08a7f77eb26f5b0455567a2c3c1cfb57d432077a
f3efab421df4aef33935196d505b69d5ead62d477a33377e8365cfec1fe89a1c
f52d737df458888643eccb2af914b9f26faab334a15fab6da9ecfa7282ea76d8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69fa757fca82ffa06f59a98a7a7d3640ea96f0fa6655a5db8255953f0b935cc
f6b5044cfdbf0d2d36814fbc517f7d1e48a83a10bd6d27ba6706dca074f06bc9
f9cba1857222e80c0a5c8bb8f88c681b511a5042d3d2c2ba1d745eb3c3b403a0
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
fff3f1732b8e800eba431e1910347f0412131c7a10b729860fc844ac99639c59

payroll.my Open in urlscan Pro 13.113.144.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

230 Requests

93 %HTTPS

69 %IPv6

18 Domains

31 Subdomains

28 IPs

4 Countries

5749 kBTransfer

13379 kBSize

14 Cookies

21 Outgoing links

Page URL History

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payroll.my Open in urlscan Pro
13.113.144.31 Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

93 %
HTTPS

69 %
IPv6

18
Domains

31
Subdomains

28
IPs

4
Countries

5749 kB
Transfer

13379 kB
Size

14
Cookies

230 HTTP transactions
7 data transactions