urlscan.io logo urlscan.io
SecurityTrails logo

mypaylogin.com Open in urlscan Pro
199.192.23.231  Public Scan

Go To Rescan Add Verdict Report
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Submission: On January 23 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 5 countries across 40 domains to perform 275 HTTP transactions. The main IP is 199.192.23.231, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mypaylogin.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 19th 2023. Valid for: a year.
This is the only time mypaylogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 199.192.23.231 22612 (NAMECHEAP...)
40 74.125.68.157 15169 (GOOGLE)
3 142.250.4.97 15169 (GOOGLE)
3 142.250.4.95 15169 (GOOGLE)
1 13.33.88.21 16509 (AMAZON-02)
14 142.250.4.100 15169 (GOOGLE)
9 68.71.249.118 46562 (PERFORMIVE)
3 192.0.73.2 2635 (AUTOMATTIC)
6 142.251.175.105 15169 (GOOGLE)
18 64.233.170.156 15169 (GOOGLE)
3 64.233.170.101 15169 (GOOGLE)
1 13.227.254.88 16509 (AMAZON-02)
1 74.125.68.103 15169 (GOOGLE)
1 2 3.121.117.111 16509 (AMAZON-02)
2 142.251.12.94 15169 (GOOGLE)
12 172.217.194.94 15169 (GOOGLE)
4 18.155.68.64 16509 (AMAZON-02)
3 103.229.10.180 16509 (AMAZON-02)
3 9 103.43.90.21 29990 (ASN-APPNEX)
3 3 207.65.33.79 62713 (AS-PUBMATIC)
7 9 142.251.12.157 15169 (GOOGLE)
1 1 207.65.33.82 62713 (AS-PUBMATIC)
1 1 207.65.33.76 62713 (AS-PUBMATIC)
4 8 172.64.151.101 13335 (CLOUDFLAR...)
2 3 13.228.126.19 16509 (AMAZON-02)
1 1 72.34.250.75 27630 (AS-XFERNET)
1 1 8.39.36.141 26667 (RUBICONPR...)
1 1 8.2.110.161 46636 (NATCOWEB)
21 74.125.24.132 15169 (GOOGLE)
5 74.125.200.155 15169 (GOOGLE)
2 142.251.175.149 15169 (GOOGLE)
10 23.44.1.216 16625 (AKAMAI-AS)
1 172.217.194.149 15169 (GOOGLE)
1 23.207.181.216 16625 (AKAMAI-AS)
2 23.44.1.119 16625 (AKAMAI-AS)
2 199.232.46.132 54113 (FASTLY)
1 2 18.142.150.10 16509 (AMAZON-02)
1 50.116.239.135 6336 (TURN-US-ASN)
2 13.33.33.118 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
1 69.173.158.65 26667 (RUBICONPR...)
1 131.153.206.103 59210 (PHOENIXNA...)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 18.164.52.35 16509 (AMAZON-02)
10 3.94.66.151 14618 (AMAZON-AES)
3 44.237.189.200 16509 (AMAZON-02)
2 142.251.175.156 15169 (GOOGLE)
2 54.202.56.183 16509 (AMAZON-02)
1 13.107.213.59 8075 (MICROSOFT...)
1 151.101.129.108 54113 (FASTLY)
1 192.9.186.67 31898 (ORACLE-BM...)
8 23.108.101.161 59253 (LEASEWEB-...)
2 5 23.32.29.106 20940 (AKAMAI-ASN1)
1 52.222.174.21 16509 (AMAZON-02)
9 104.69.166.136 16625 (AKAMAI-AS)
1 52.32.245.107 16509 (AMAZON-02)
2 52.27.250.10 16509 (AMAZON-02)
1 204.79.197.204 8068 (MICROSOFT...)
1 35.244.193.51 396982 (GOOGLE-CL...)
1 35.71.131.137 16509 (AMAZON-02)
275 55
37    199.192.23.231 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: exactly-although.quarantine-pnap.web-hosting.com
mypaylogin.com
40    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
pagead2.googlesyndication.com
3    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
3    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
1    13.33.88.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-21.sin2.r.cloudfront.net
platform-api.sharethis.com
14    142.250.4.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f100.1e100.net
fundingchoicesmessages.google.com
9    68.71.249.118 (Toronto, Canada)

ASN46562 (PERFORMIVE, US)
udmserve.net
3    192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
6    142.251.175.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f105.1e100.net
www.google.com
18    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
googleads.g.doubleclick.net
3    64.233.170.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f101.1e100.net
www.google-analytics.com
1    13.227.254.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-88.sin52.r.cloudfront.net
buttons-config.sharethis.com
1    74.125.68.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f103.1e100.net
google-analytics.com
2    3.121.117.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-117-111.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
12    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.gstatic.com
4    18.155.68.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-64.sin52.r.cloudfront.net
bid.underdog.media
3    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
9    103.43.90.21 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
ib.adnxs.com
sin3-ib.adnxs.com
3    207.65.33.79 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
9    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
cm.g.doubleclick.net
bid.g.doubleclick.net
1    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
8    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    13.228.126.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    72.34.250.75 (Hemet, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
21    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
5    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
www.googletagservices.com
2    142.251.175.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f149.1e100.net
ad.doubleclick.net
10    23.44.1.216 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-216.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
s0.2mdn.net
1    23.207.181.216 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-216.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    23.44.1.119 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-119.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    199.232.46.132 (Singapore, Singapore)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
2    18.142.150.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-150-10.ap-southeast-1.compute.amazonaws.com
fw.adsafeprotected.com
1    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    131.153.206.103 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
underdogmedia-d.openx.net
1    18.164.52.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-35.cdg50.r.cloudfront.net
static.adsafeprotected.com
10    3.94.66.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-66-151.compute-1.amazonaws.com
dt.adsafeprotected.com
3    44.237.189.200 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-189-200.us-west-2.compute.amazonaws.com
ads.everesttech.net
2    142.251.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f156.1e100.net
googleads4.g.doubleclick.net
2    54.202.56.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-202-56-183.us-west-2.compute.amazonaws.com
q.adrta.com
1    13.107.213.59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
1    192.9.186.67 (Bungarribee, Australia)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
8    23.108.101.161 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1t-sindc1.zemanta.com
b1-sindc1.zemanta.com
5    23.32.29.106 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-29-106.deploy.static.akamaitechnologies.com
www.bing.com
1    52.222.174.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-21.cdg50.r.cloudfront.net
pix.adrta.com
9    104.69.166.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-136.deploy.static.akamaitechnologies.com
dco-assets.everestads.net
1    52.32.245.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-245-107.us-west-2.compute.amazonaws.com
ipv6.adrta.com
2    52.27.250.10 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-250-10.us-west-2.compute.amazonaws.com
adrta.com
1    204.79.197.204 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0005.a-msedge.net
analyticspixel.microsoft.com
1    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
61 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
634 KB
37 mypaylogin.com
mypaylogin.com
545 KB
31 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
174 KB
20 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
179 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
765 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
110 KB
11 moatads.com
z.moatads.com — Cisco Umbrella Rank: 704
px.moatads.com — Cisco Umbrella Rank: 660
mb.moatads.com — Cisco Umbrella Rank: 809
117 KB
10 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
ib.adnxs.com — Cisco Umbrella Rank: 253
cdn.adnxs.com — Cisco Umbrella Rank: 1783
sin3-ib.adnxs.com — Cisco Umbrella Rank: 16863
43 KB
9 everestads.net
dco-assets.everestads.net — Cisco Umbrella Rank: 6990
114 KB
9 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3747
10 KB
8 zemanta.com
b1t-sindc1.zemanta.com — Cisco Umbrella Rank: 28039
b1-sindc1.zemanta.com — Cisco Umbrella Rank: 40158
1014 B
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
5 KB
6 adrta.com
q.adrta.com — Cisco Umbrella Rank: 3685
pix.adrta.com — Cisco Umbrella Rank: 4538
ipv6.adrta.com — Cisco Umbrella Rank: 3893
adrta.com — Cisco Umbrella Rank: 2291
13 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 53
10 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
324 KB
5 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 664
image2.pubmatic.com — Cisco Umbrella Rank: 912
image4.pubmatic.com — Cisco Umbrella Rank: 1237
2 KB
4 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 27827
181 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
google-analytics.com — Cisco Umbrella Rank: 21
21 KB
4 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4337
buttons-config.sharethis.com — Cisco Umbrella Rank: 4843
l.sharethis.com — Cisco Umbrella Rank: 4514
49 KB
3 everesttech.net
ads.everesttech.net — Cisco Umbrella Rank: 6903
24 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1364
pixel.quantserve.com — Cisco Umbrella Rank: 1007
10 KB
3 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2022
4 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
5 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
235 KB
2 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4271
analyticspixel.microsoft.com — Cisco Umbrella Rank: 7310
32 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1345
1 KB
2 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 3835
22 KB
2 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1933
4 KB
2 rubiconproject.com
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4763
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
2 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
566 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1517
249 B
1 openx.net
underdogmedia-d.openx.net — Cisco Umbrella Rank: 33973
581 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
1 KB
1 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
193 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1381
398 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 940
562 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
67 KB
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 4115
561 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
672 B
275 40
Domain Requested by
40 pagead2.googlesyndication.com mypaylogin.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
fw.adsafeprotected.com
www.gstatic.com
www.googletagservices.com
37 mypaylogin.com mypaylogin.com
21 tpc.googlesyndication.com googleads.g.doubleclick.net
mypaylogin.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
18 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
mypaylogin.com
14 fundingchoicesmessages.google.com mypaylogin.com
pagead2.googlesyndication.com
12 www.gstatic.com www.google.com
googleads.g.doubleclick.net
www.gstatic.com
10 dt.adsafeprotected.com googleads.g.doubleclick.net
mypaylogin.com
9 dco-assets.everestads.net ads.everesttech.net
dco-assets.everestads.net
9 px.moatads.com googleads.g.doubleclick.net
mypaylogin.com
9 udmserve.net mypaylogin.com
bid.underdog.media
8 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
6 b1t-sindc1.zemanta.com mypaylogin.com
widgets.outbrain.com
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
6 www.google.com mypaylogin.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
5 www.bing.com 2 redirects mypaylogin.com
5 www.googletagservices.com googleads.g.doubleclick.net
mypaylogin.com
4 sin3-ib.adnxs.com bid.underdog.media
mypaylogin.com
cdn.adnxs.com
4 bid.underdog.media udmserve.net
bid.underdog.media
mypaylogin.com
3 ads.everesttech.net fw.adsafeprotected.com
ads.everesttech.net
dco-assets.everestads.net
3 ib.adnxs.com 1 redirects googleads.g.doubleclick.net
bid.underdog.media
3 ups.analytics.yahoo.com 2 redirects bid.underdog.media
3 image8.pubmatic.com 3 redirects
3 www.google-analytics.com www.googletagmanager.com
google-analytics.com
3 secure.gravatar.com mypaylogin.com
3 fonts.googleapis.com mypaylogin.com
googleads.g.doubleclick.net
3 www.googletagmanager.com mypaylogin.com
google-analytics.com
2 adrta.com pix.adrta.com
2 b1-sindc1.zemanta.com mypaylogin.com
2 q.adrta.com bid.underdog.media
q.adrta.com
2 googleads4.g.doubleclick.net fw.adsafeprotected.com
2 pixel.quantserve.com mypaylogin.com
2 rules.quantcount.com secure.quantserve.com
2 fw.adsafeprotected.com 1 redirects mypaylogin.com
2 zem.outbrainimg.com mypaylogin.com
2 widgets.outbrain.com mypaylogin.com
2 ad.doubleclick.net googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 secure.adnxs.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 l.sharethis.com 1 redirects mypaylogin.com
1 match.adsrvr.org bid.underdog.media
1 lexicon.33across.com bid.underdog.media
1 analyticspixel.microsoft.com
1 ipv6.adrta.com pix.adrta.com
1 pix.adrta.com q.adrta.com
1 mb.moatads.com z.moatads.com
1 cdn.adnxs.com bid.underdog.media
1 adsdk.microsoft.com bid.underdog.media
1 static.adsafeprotected.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net googleads.g.doubleclick.net
1 underdogmedia-d.openx.net bid.underdog.media
1 prebid.a-mo.net bid.underdog.media
1 fastlane.rubiconproject.com bid.underdog.media
1 bidder.criteo.com bid.underdog.media
1 d.turn.com googleads.g.doubleclick.net
1 stags.bluekai.com googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 z.moatads.com googleads.g.doubleclick.net
1 cm-x.mgid.com 1 redirects
1 pixel-us-west.rubiconproject.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 secure.quantserve.com udmserve.net
1 google-analytics.com mypaylogin.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 platform-api.sharethis.com mypaylogin.com
275 67

This site contains links to these domains. Also see Links.

Domain
mypaymdlz.ultipro.com
google
pay-slips.com
Subject Issuer Validity Valid
mypaylogin.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-19 -
2024-08-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
underdog.media
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-29 -
2024-04-28		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.outbrainimg.com
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.everesttech.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-06 -
2024-03-08		 a year crt.sh
*.adrta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-07 -
2024-07-23		 a year crt.sh
adsdk.microsoft.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-01-08 -
2024-07-06		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
www.adobetag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-24 -
2024-08-23		 a year crt.sh
analyticspixel.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-11-01 -
2024-04-29		 6 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2024-01-23 -
2024-04-22		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh

This page contains 31 frames:

Primary Page: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Frame ID: F734E939BC18B7F473F6A81CED5D7ED9
Requests: 102 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: A223B443CCECF7906598A4B4B70FD0F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&adk=1812271804&adf=3025194257&lmt=1706049839&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=1710&bdt=2197&idt=364&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5266943474363&frm=20&pv=2&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=429
Frame ID: 1699607628BA4BA5CE282724800CCFF1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Frame ID: FBB3515D61A620F374AC2D56FCCC17AE
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=2019289390&adf=4098860367&pi=t.ma~as.8170439994&w=270&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=270x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=1&bdt=2198&idt=385&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=665&ady=3934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
Frame ID: 9DF14A7174FEBA92992E3DDCA944E39B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x280&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840346&bpp=1&bdt=3131&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600&nras=2&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Frame ID: 0ED63FD121F5B58156230B276C0B5945
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=280&adk=2801471196&adf=871259380&pi=t.aa~a.2191923801~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x280&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840346&bpp=1&bdt=3131&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600%2C1200x280&nras=3&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=18
Frame ID: F05291DF807DB364D558B53B9E546F95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=90&adk=3070604948&adf=1723979762&pi=t.aa~a.1594335910~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x90&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840346&bpp=1&bdt=3131&idt=1&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600%2C1200x280%2C1200x280&nras=4&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Frame ID: F5D2CEF75737928EFC553513872D71F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 74DDF9404C0C679CB1413B3D6A2FCB9D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 931FD5A3B7C7300F462E3863BB09C8DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4CF30F31C53B95F5B980FCF6FE620AB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8A4709B89050E1CB4683A9ADC2B021BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPl86UCEOzRx6wCGPHZy4MCMAE&v=APEucNVKT7JThFjQFb5TysQ8gq_wh83Qtmnp_-w6QKbpVaQ4DUiinLxufbUiW38t9xcPoTXl0mh01eFUnMeeZfSZNMMjSszpYgFHCYKAoiKTMWdcvQ1Keko
Frame ID: 75A038939752A05E4A37EA8C5A4A53CA
Requests: 5 HTTP requests in this frame

Frame: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Frame ID: 0C282842A240BE7910700520C3C509E9
Requests: 11 HTTP requests in this frame

Frame: https://zem.outbrainimg.com/p/srv/sha/c2/40/88/71cf7bba6b58f1e68880eeb4f649bfa511.jpg?w=120&h=600&fit=crop&crop=optimized&q=45
Frame ID: 8271654B4DAB0B521D5979A57F74EDF9
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNXzAE1Sx86_bYCEupyGw5v4XWFLRBy4XOmO3-cyyK1tQAARsOd2YSOpk1Hxu1q88kP83PaBR2xA7T-xnWYENMPAMnPBy54H-SaNYbIGsw_tuVS4tNU
Frame ID: C137B13B24CA1128AE86A6E1A9848F5A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AE1249E87829565E908947350FD5CDD6
Requests: 31 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 9BA722C96A6A8C532BD958F094728E6D
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=90&adk=3070604948&adf=3048218963&pi=t.aa~a.572715990~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x90&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840352&bpp=1&bdt=3137&idt=1&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600%2C1200x280%2C1200x280%2C1200x90%2C1600x1200%2C120x600%2C120x600%2C728x90&nras=9&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=8&fsb=1&dtd=627
Frame ID: 306FFE4307C6AC3E353325BD011846FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x90&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840349&bpp=1&bdt=3134&idt=1&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600%2C1200x280%2C1200x280%2C1200x90%2C1600x1200%2C120x600%2C120x600%2C728x90%2C1200x90&nras=10&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=9&fsb=1&dtd=636
Frame ID: 82B17F9F364864E6EEBC3729A4AFA3E3
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FDD589C4303D1BCE6412F680D47BFA5A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A0A8FCF7175F87736FD8B560B5E24594
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_&co=aHR0cHM6Ly9teXBheWxvZ2luLmNvbTo0NDM.&hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&theme=light&size=normal&cb=iaym3bq96ic
Frame ID: D754D45527E54F2945D2D3FCA3A8E4D7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1E676DA8693F6BD7F5AB4F206A97202F
Requests: 3 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=18969;tid=1;dt=7;p=1;rri=1706049840038_136608_182.55.133.166;mid=48183;zzz=%5B48183%2C1706049840%2C%22e8kLzkmZ%2FadKuUq7sYdFnw%22%5D;version=v2.23.3;cb=0.5244603980267866;qqq=26.784949001457104;session=1;style=slider;vis=visible;traffic_info=%7B%7D;
Frame ID: 062865BB77833B402E69E600645E0F86
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_
Frame ID: 560E6E252190BD5B534E86F55DA086F8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 8B8C88A44629C4ABF9E65411A0EBA17E
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbBBMgAAKKt2amCi
Frame ID: FBB831C0E6D5D4EAF3C7ED9DA0DA1971
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
Frame ID: E0BB5B21B5E2E39DF3ACD57C129D73AC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7830075110F6D804DD4DF5EE28153519
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C714A7584094ABAB996584898E9A10FE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mondelez International Pay stubs & W2 | MY PAY LOGIN

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /revslider/[/\w-]+/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

275
Requests

93 %
HTTPS

0 %
IPv6

40
Domains

67
Subdomains

55
IPs

5
Countries

3692 kB
Transfer

10388 kB
Size

72
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://l.sharethis.com/pview?event=pview&hostname=mypaylogin.com&location=%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&product=ga&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN&cms=unknown&publisher=5ff42dbbf474080012973d4b&sop=true&version=st_sop.js&lang=en&description=Mondelez%20International%20uses%20the%20Ultipro%20system%20to%20distribute%20pay%20stubs%20and%20w2%20forms%20to%20its%20US%20employees.%20So%20if%20you%20are%20proficient%20in%20using%20Ultipro%2C%20please%20log%20in.&ua=&ua_mobile=false&ua_full_version_list=&uuid=2ac567cf-b4b2-48cd-a952-71224cfc8c20 HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=mypaylogin.com&location=%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&product=ga&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN&cms=unknown&publisher=5ff42dbbf474080012973d4b&sop=true&version=st_sop.js&lang=en&description=Mondelez%20International%20uses%20the%20Ultipro%20system%20to%20distribute%20pay%20stubs%20and%20w2%20forms%20to%20its%20US%20employees.%20So%20if%20you%20are%20proficient%20in%20using%20Ultipro%2C%20please%20log%20in.&ua=&ua_mobile=false&ua_full_version_list=&uuid=2ac567cf-b4b2-48cd-a952-71224cfc8c20&samesite=None
Request Chain 68
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.31007576 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.31007576 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=62371258768408159;cb=0.31007576
Request Chain 69
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.31007576 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.31007576&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTgyQjlFRTUtQjdBNy00MDBCLTk3OUEtRjdFM0E0NEYxM0Ex&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.31007576&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D982B9EE5-B7A7-400B-979A-F7E3A44F13A1&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=982B9EE5-B7A7-400B-979A-F7E3A44F13A1
Request Chain 70
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.31007576%3Bindx%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.31007576%3Bindx%3D&s=199174&C=1 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.31007576;indx=ZbBBMIpFRXEkccilE8pBJwAAEr4AAAIB
Request Chain 71
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.31007576 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.31007576&verify=true HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-9D29.YpE2uLpa4Ag0lVhHUn8a.sEL.PA~A
Request Chain 72
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.31007576%3Bsonobi%3D%5BUID%5D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.31007576;sonobi=6d34d8b6-6d66-4c9f-b9cc-94bfc2768202
Request Chain 73
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.31007576 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;magid=LRQY0YKI-14-9MXM
Request Chain 74
  • https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;mgid=138e98b6-f564-4793-9873-157063d7a67f
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNHoSuOwpBlvXMeSD8UqmI&google_cver=1&gdpr=0
Request Chain 120
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbBBMIpFRXEkccilE8pBJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFrmjSEPL5TFuioTIkn6BxI&google_cver=1
Request Chain 122
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzNzEyNTg3Njg0MDgxNTk%3D
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm&gdpr=0 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESEHGtnx-VGJfeQdtmOcMXkkE&google_cver=1
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1&gdpr=0
Request Chain 125
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbBBMIpFRXEkccilE8pBJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1
Request Chain 166
  • https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7507174334378103&ias_chanId=1&ias_placementId=20262206047&bidurl=https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0inKlnRlpSirduXiMAPjLHd&adsafe_url=https%3A%2F%2Fmypaylogin.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmypaylogin.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7507174334378103%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D7&adsafe_type=be&adsafe_jsinfo=,id:82f3fddf-3880-7f88-5a5a-d6122346d5f0,c:2c7NHC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d966585d8-22fqq,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:38,oid:e6c690d1-ba40-11ee-a60c-a61eac8a832a,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1
Request Chain 224
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe55ded0-e7e0-4e6b-9971-371ad14cad30&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=8e6c208c-6a43-4754-aae5-cd2dc8ade809&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D387b878c7bef4f9f83da8fc8a450593d%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28962124&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=3736517937551429878 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=387b878c7bef4f9f83da8fc8a450593d&SNR=1&GV=2&med=10
Request Chain 250
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe55ded0-e7e0-4e6b-9971-371ad14cad30&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=8e6c208c-6a43-4754-aae5-cd2dc8ade809&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D387b878c7bef4f9f83da8fc8a450593d%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28962124&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=3736517937551429878 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=387b878c7bef4f9f83da8fc8a450593d&tids=15000&med=10

275 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/ 		84 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
71c2b48dc5728a204dec4918ab15d1520e4029fe6ed06ce6a39eaee466b44a9b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
25451
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 22:43:56 GMT
Expires
Tue, 23 Jan 2024 23:43:56 GMT
Keep-Alive
timeout=5, max=100
Link
<https://mypaylogin.com/wp-json/>; rel="https://api.w.org/", <https://mypaylogin.com/wp-json/wp/v2/posts/2270>; rel="alternate"; type="application/json", <https://mypaylogin.com/?p=2270>; rel=shortlink
Referrer-Policy
Server
Apache
Vary
Accept-Encoding,User-Agent
X-LiteSpeed-Tag
2de_HTTP.200
X-Pingback
https://mypaylogin.com/xmlrpc.php
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7507174334378103
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
c8329c9621456825f0753aeb5ea135717d1dcf46168a7c59fc40209f5152815f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Origin
https://mypaylogin.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51446
x-xss-protection
0
server
cafe
etag
10182249497177390638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jan 2024 22:43:57 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1B7F7WKTNY
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
29d051bac32d89c8fa8a14d3263d3a1aed42b101b7a5ce0fa942ede1ee9d0891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79397
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 22:43:57 GMT
reset.css
mypaylogin.com/wp-content/themes/citadela/design/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/css/reset.css?ver=1697878901
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
3dd3db2741c2b611c7b73fdccd23b73a837290292c1fda9c6118d5f315e5360a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:41 GMT
Server
Apache
ETag
"650-608363cc48447-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
830
Expires
Wed, 22 Jan 2025 22:43:57 GMT
base.css
mypaylogin.com/wp-content/themes/citadela/design/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/css/base.css?ver=1697878901
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
6a42392f744cf34cdc9eef0942861c7a4e1eba86a20c40dabe35b83f99808262

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:41 GMT
Server
Apache
ETag
"45ad-608363cc4805f-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4487
Expires
Wed, 22 Jan 2025 22:43:57 GMT
style.min.css
mypaylogin.com/wp-includes/css/dist/block-library/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Fri, 17 Nov 2023 12:30:25 GMT
Server
Apache
ETag
"1add3-60a584cfd9a46-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
14499
Expires
Wed, 22 Jan 2025 22:43:57 GMT
styles.css
mypaylogin.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Fri, 12 Jan 2024 13:49:04 GMT
Server
Apache
ETag
"b4e-60ebfed61719c-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1015
Expires
Wed, 22 Jan 2025 22:43:58 GMT
rs6.css
mypaylogin.com/wp-content/plugins/revslider/public/assets/css/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
3d2c706c6c0d79356ebb6152ae1e607d31cccff9895043e31ca7f6d34cd79ae1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 29 Sep 2020 00:49:41 GMT
Server
Apache
ETag
"e305-5b069287eb340-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12170
Expires
Wed, 22 Jan 2025 22:43:57 GMT
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C800&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&display=swap&ver=6.4.2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
d220665dbe19df77bc04607636e16681d9c5b892f6480b84498813ba28d73982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 22:43:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 22:43:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 22:43:57 GMT
theme-default-style.css
mypaylogin.com/wp-content/themes/citadela/design/css/ 		569 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/css/theme-default-style.css?ver=1697878901
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
d2a5d145294313d7daea99d2575b46b3441a1cd8fe31223164aee0373e7d8853

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:41 GMT
Server
Apache
ETag
"8e4ac-608363cc48fff-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
49711
Expires
Wed, 22 Jan 2025 22:43:57 GMT
all.min.css
mypaylogin.com/wp-content/themes/citadela/design/css/assets/fontawesome/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/css/assets/fontawesome/css/all.min.css?ver=5.8.2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:57 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:40 GMT
Server
Apache
ETag
"d78f-608363cc3d47b-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12077
Expires
Wed, 22 Jan 2025 22:43:57 GMT
photoswipe.css
mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/photoswipe/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/photoswipe/photoswipe.css?ver=4.1.3
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
4812d4e2fbfa080ea51ec6755f24dd8728c9c428cf89ffd34648e7b321801a71

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:40 GMT
Server
Apache
ETag
"1029-608363cc3bd0a-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1298
Expires
Wed, 22 Jan 2025 22:43:58 GMT
default-skin.css
mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/photoswipe/default-skin/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/photoswipe/default-skin/default-skin.css?ver=4.1.3
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
734b9c920ca443dbf993e22a56264e64a738ec99fb2908a5e3f30fdf2480dc5f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:40 GMT
Server
Apache
ETag
"2d57-608363cc3b922-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2983
Expires
Wed, 22 Jan 2025 22:43:58 GMT
default.css
mypaylogin.com/wp-content/plugins/tablepress/css/build/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.2.4
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Wed, 13 Dec 2023 13:48:15 GMT
Server
Apache
ETag
"17cb-60c646b349723-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2454
Expires
Wed, 22 Jan 2025 22:43:58 GMT
frontend-gtag.min.js
mypaylogin.com/wp-content/plugins/google-analytics-premium/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.11.0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sun, 18 Dec 2022 04:22:49 GMT
Server
Apache
ETag
"2e7a-5f0128e2dd840-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3246
Expires
Wed, 22 Jan 2025 22:43:58 GMT
jquery.min.js
mypaylogin.com/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Fri, 17 Nov 2023 12:30:25 GMT
Server
Apache
ETag
"15601-60a584cfe1749-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
30368
Expires
Wed, 22 Jan 2025 22:43:58 GMT
jquery-migrate.min.js
mypaylogin.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Wed, 09 Aug 2023 13:28:40 GMT
Server
Apache
ETag
"3509-6027d75319d56-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4872
Expires
Wed, 22 Jan 2025 22:43:58 GMT
rbtools.min.js
mypaylogin.com/wp-content/plugins/revslider/public/assets/js/ 		121 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
84569c21aafc5b59c74756c75648de4c4564f7733bc1128b0f259ca4191edf77

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 29 Sep 2020 00:49:41 GMT
Server
Apache
ETag
"1e4b8-5b069287eb340-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
47719
Expires
Wed, 22 Jan 2025 22:43:58 GMT
rs6.min.js
mypaylogin.com/wp-content/plugins/revslider/public/assets/js/ 		285 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
48ea29f1197c91fa6ae6707b59b411b7b4ba78a8c7d00f76c6a669ee12a00e2f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Tue, 29 Sep 2020 00:49:41 GMT
Server
Apache
ETag
"47543-5b069287eb340-gzip"
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Expires
Wed, 22 Jan 2025 22:43:58 GMT
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-21.sin2.r.cloudfront.net
Software
/
Resource Hash
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:39:17 GMT
content-encoding
gzip
via
1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN2-P2
age
280
etag
W/"3360d-7zvdaxLS2Lhi3Pty7QrCYymkuqI"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
r41lNQMAuXO0XZDLmEqd8UFWRi4Pw5g56GBy9lh1bK-rBmEHyLDfNg==
js
www.googletagmanager.com/gtag/ 		218 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-NNVBSR5
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a3baaf886a32253ae21a7419de47381cefb4e87dd365ba3f0ac9385ab2340457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79358
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 22:43:59 GMT
a9c7520e-58c8-4276-ba78-d6814feee12d
https://mypaylogin.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mypaylogin.com/a9c7520e-58c8-4276-ba78-d6814feee12d
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
fa-solid-900.woff2
mypaylogin.com/wp-content/themes/citadela/design/css/assets/fontawesome/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/css/assets/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Origin
https://mypaylogin.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache
ETag
"12258-608363cc4805f-gzip"
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
application/font-woff2
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
Wed, 22 Jan 2025 22:43:58 GMT
fa-regular-400.woff2
mypaylogin.com/wp-content/themes/citadela/design/css/assets/fontawesome/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/css/assets/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af

Request headers

Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Origin
https://mypaylogin.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache
ETag
"3510-608363cc4517e-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/font-woff2
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
13607
Expires
Wed, 22 Jan 2025 22:43:58 GMT
fa-brands-400.woff2
mypaylogin.com/wp-content/themes/citadela/design/css/assets/fontawesome/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/css/assets/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169

Request headers

Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Origin
https://mypaylogin.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:58 GMT
Content-Encoding
gzip
Referrer-Policy
Server
Apache
ETag
"123a0-608363cc44d95-gzip"
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
application/font-woff2
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Wed, 22 Jan 2025 22:43:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7507174334378103&host=ca-host-pub-2644536267352236
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e8161ae6557cc11392329f410228363109dd0f7c3ddb595541da5fea640f3fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Origin
https://mypaylogin.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51448
x-xss-protection
0
server
cafe
etag
17757197558046884260
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jan 2024 22:43:59 GMT
pub-7507174334378103
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-7507174334378103?ers=1
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
16ede8ff5715099bf3c73973a90102e5354fe02a45124195b703c8e2d0b3363e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9HQYM_q8DrlNJ0hdkWaG8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-9HQYM_q8DrlNJ0hdkWaG8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6O9U0H17IJLFg99w0TALSGV90"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
img.fetch
udmserve.net/udm/ 		34 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=18969;tid=1;dt=6;
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
f34357a90755589b2147c1ec45cf97c9175877cf0c6456320410ceeb24736e1d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 22:44:00 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Expires
0
mondelez-ultipro.jpg
mypaylogin.com/wp-content/uploads/2022/03/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mypaylogin.com/wp-content/uploads/2022/03/mondelez-ultipro.jpg
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
186ef034be0975eb4703bc3a33b8fd6e1af8cc773b208340cba91dd522763909

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Referrer-Policy
Last-Modified
Tue, 22 Mar 2022 09:12:27 GMT
Server
Apache
ETag
"ae47-5dacb02fe74c0"
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
44615
Expires
Wed, 22 Jan 2025 22:43:59 GMT
37f44be6536d7664aea44e54b9853f0b
secure.gravatar.com/avatar/ 		1021 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/37f44be6536d7664aea44e54b9853f0b?s=48&d=mm&r=g
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc
HIT sin 1
date
Tue, 23 Jan 2024 22:43:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="37f44be6536d7664aea44e54b9853f0b.png"
accept-ranges
bytes
link
<https://gravatar.com/avatar/37f44be6536d7664aea44e54b9853f0b?s=48&d=mm&r=g>; rel="canonical"
content-length
1021
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jan 2024 22:48:59 GMT
cf8fe593984628d457a3d8acb0abdb06
secure.gravatar.com/avatar/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/cf8fe593984628d457a3d8acb0abdb06?s=48&d=mm&r=g
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dab55442fb17b93d6dfd52e2b865ef89a68b75a12349f5cd3614390a6d54c0a1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc
HIT sin 1
date
Tue, 23 Jan 2024 22:43:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="cf8fe593984628d457a3d8acb0abdb06.png"
accept-ranges
bytes
link
<https://gravatar.com/avatar/cf8fe593984628d457a3d8acb0abdb06?s=48&d=mm&r=g>; rel="canonical"
content-length
1018
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jan 2024 22:48:59 GMT
gglcptch.css
mypaylogin.com/wp-content/plugins/google-captcha/css/ 		670 B
782 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.74
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
3eb86615b07916ab553d613a545aec2ffa1c3f04782c42abe24332242bd4cf93

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 23 Dec 2023 03:03:35 GMT
Server
Apache
ETag
"29e-60d249428b562-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
336
Expires
Wed, 22 Jan 2025 22:43:59 GMT
index.js
mypaylogin.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Fri, 12 Jan 2024 13:49:04 GMT
Server
Apache
ETag
"2b6d-60ebfed61890d-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3212
Expires
Wed, 22 Jan 2025 22:43:59 GMT
index.js
mypaylogin.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Fri, 12 Jan 2024 13:49:04 GMT
Server
Apache
ETag
"337e-60ebfed617d55-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
4191
Expires
Wed, 22 Jan 2025 22:43:59 GMT
js.cookie.min.js
mypaylogin.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?ver=3.0.0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Wed, 22 Mar 2023 11:30:12 GMT
Server
Apache
ETag
"5dc-5f77b7bb53df0-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
726
Expires
Wed, 22 Jan 2025 22:43:59 GMT
jquery.iframetracker.min.js
mypaylogin.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?ver=2.1.0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Wed, 22 Mar 2023 11:30:12 GMT
Server
Apache
ETag
"c72-5f77b7bb53df0-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1249
Expires
Wed, 22 Jan 2025 22:43:59 GMT
aicp.min.js
mypaylogin.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 		777 B
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?ver=1.0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Wed, 22 Mar 2023 11:30:12 GMT
Server
Apache
ETag
"309-5f77b7bb53df0-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
429
Expires
Wed, 22 Jan 2025 22:43:59 GMT
modernizr.touch.min.js
mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/modernizr/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/modernizr/modernizr.touch.min.js?ver=3.6.0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
29756d1e9926e455608bf53d668030ae9a1b0240f4a3374fe4a5af788bc71c83

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:40 GMT
Server
Apache
ETag
"cdd-608363cc3b922-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1549
Expires
Wed, 22 Jan 2025 22:43:59 GMT
jquery.waypoints.min.js
mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/waypoints/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/waypoints/jquery.waypoints.min.js?ver=4.0.1
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:40 GMT
Server
Apache
ETag
"2344-608363cc3c0f2-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
2753
Expires
Wed, 22 Jan 2025 22:43:59 GMT
photoswipe.min.js
mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/photoswipe/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/photoswipe/photoswipe.min.js?ver=4.1.3
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
78fc260a16dbbd76ec3b4da56ccdc7a076d21d31c501e0a17a4175c4a25d95ea

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:40 GMT
Server
Apache
ETag
"7ca0-608363cc3c0f2-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
12235
Expires
Wed, 22 Jan 2025 22:43:59 GMT
photoswipe-ui-default.min.js
mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/photoswipe/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/photoswipe/photoswipe-ui-default.min.js?ver=4.1.3
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
50a9333a7ff0d660714662cb1ab49ec81e1ed716eba78c729600166f7338da95

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:40 GMT
Server
Apache
ETag
"2696-608363cc3bd0a-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
3755
Expires
Wed, 22 Jan 2025 22:43:59 GMT
focus-within-polyfill.min.js
mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/polyfills/ 		974 B
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/citadela-theme/assets/polyfills/focus-within-polyfill.min.js?ver=5.0.4
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
e8d139ee2ae1d25c8d2b6dad4d3618a213d0b0179eb29ae29434e2fd5653f73a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:40 GMT
Server
Apache
ETag
"3ce-608363cc3c0f2-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
457
Expires
Wed, 22 Jan 2025 22:43:59 GMT
fancybox.js
mypaylogin.com/wp-content/themes/citadela/design/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/js/fancybox.js?ver=1697878901
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
bd132cec40dfd4f31611d972baefccab71ad9c618ac47fe1cbb39afea497f5c6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:41 GMT
Server
Apache
ETag
"1399-608363cc493e7-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1605
Expires
Wed, 22 Jan 2025 22:43:59 GMT
menu.js
mypaylogin.com/wp-content/themes/citadela/design/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/js/menu.js?ver=1697878901
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
0cf228bfa7cd9d4c526703d7eabee1e278a77943ad402b82bf34678b873d3b4f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:41 GMT
Server
Apache
ETag
"3e4f-608363cc497cf-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3706
Expires
Wed, 22 Jan 2025 22:43:59 GMT
mobile.js
mypaylogin.com/wp-content/themes/citadela/design/js/ 		1 KB
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/themes/citadela/design/js/mobile.js?ver=1697878901
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
9fbb78d831f4409c5d513b230b46466af266b896851f86a80c51acdc664bb135

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 21 Oct 2023 09:01:41 GMT
Server
Apache
ETag
"594-608363cc497cf-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
553
Expires
Wed, 22 Jan 2025 22:43:59 GMT
comment-reply.min.js
mypaylogin.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-includes/js/comment-reply.min.js?ver=6.4.2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:44:00 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 28 May 2022 16:08:44 GMT
Server
Apache
ETag
"ba5-5e014a31b5b00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1351
Expires
Wed, 22 Jan 2025 22:44:00 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=1.74
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
GSE /
Resource Hash
8d2ea0effa021870f288e25ee77d7b5b4e32db2a116353a7f0db665177938afc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 23 Jan 2024 22:43:59 GMT
script.js
mypaylogin.com/wp-content/plugins/google-captcha/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-content/plugins/google-captcha/js/script.js?ver=1.74
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
4b507a6b61e3dc4917931413919fc3af1c6cc0b682877fc05afa195cbf8da568

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:43:59 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Sat, 23 Dec 2023 03:03:35 GMT
Server
Apache
ETag
"24ad-60d249428bd33-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2597
Expires
Wed, 22 Jan 2025 22:43:59 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7507174334378103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
2f3039b949a8eb8b93be3fc3d9d6b898ad149659090deb13259501d8db130fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139775
x-xss-protection
0
server
cafe
etag
2710368829796411771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 22:43:59 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame A223 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7507174334378103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
79760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 00:34:38 GMT
etag
3890843268177463596
expires
Tue, 06 Feb 2024 00:34:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1B7F7WKTNY&gtm=45je41h0v893720197&_p=1706049837240&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&gdid=dZGIzZG&cid=692948144.1706049838&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706049837&sct=1&seg=0&dl=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&dt=Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=2292
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1B7F7WKTNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:43:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mypaylogin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5ff42dbbf474080012973d4b.js
buttons-config.sharethis.com/js/ 		30 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5ff42dbbf474080012973d4b.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-88.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
via
1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 05 Jan 2021 09:13:33 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
x-amz-server-side-encryption
AES256
etag
"e6e1643313740711175f51662a65b42f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
y5CO4BHw7Q-yyMkZApUePE6N6LKpLAlOc5JgUTzyidYHC0gXt4ausw==
analytics.js
google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f103.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 21:46:56 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3424
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Jan 2024 23:46:56 GMT
pub-7507174334378103
fundingchoicesmessages.google.com/b/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-7507174334378103
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
7012a50fcc4cac10fa72ace1844e90f50af25efddd4c6a551a416489e134d718
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mUpQQmv4dqBeyDH3URysKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-mUpQQmv4dqBeyDH3URysKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KEhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6O9U0H17IJdHw90cAMALZ8V9E"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=mypaylogin.com&location=%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&product=ga&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmon...
  • https://l.sharethis.com/sc?event=pview&hostname=mypaylogin.com&location=%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&product=ga&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondel...
177 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?event=pview&hostname=mypaylogin.com&location=%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&product=ga&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN&cms=unknown&publisher=5ff42dbbf474080012973d4b&sop=true&version=st_sop.js&lang=en&description=Mondelez%20International%20uses%20the%20Ultipro%20system%20to%20distribute%20pay%20stubs%20and%20w2%20forms%20to%20its%20US%20employees.%20So%20if%20you%20are%20proficient%20in%20using%20Ultipro%2C%20please%20log%20in.&ua=&ua_mobile=false&ua_full_version_list=&uuid=2ac567cf-b4b2-48cd-a952-71224cfc8c20&samesite=None
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Server
3.121.117.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-117-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8b93e0fcf56d23a1af679ed432e454bd3af4b577af1f423395d6aeef584eb041
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:00 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://mypaylogin.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGQAA2WwQTAAAAAICOJAAw==
Access-Control-Allow-Headers
*
Content-Length
177
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Tue, 23 Jan 2024 22:44:00 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://mypaylogin.com
Location
/sc?event=pview&hostname=mypaylogin.com&location=%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&product=ga&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN&cms=unknown&publisher=5ff42dbbf474080012973d4b&sop=true&version=st_sop.js&lang=en&description=Mondelez%20International%20uses%20the%20Ultipro%20system%20to%20distribute%20pay%20stubs%20and%20w2%20forms%20to%20its%20US%20employees.%20So%20if%20you%20are%20proficient%20in%20using%20Ultipro%2C%20please%20log%20in.&ua=&ua_mobile=false&ua_full_version_list=&uuid=2ac567cf-b4b2-48cd-a952-71224cfc8c20&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGQAA2WwQTAAAAAICOJAAw==
Access-Control-Allow-Headers
*
Content-Length
897
X-Robots-Tag
noindex, nofollow
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C800&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&display=swap&ver=6.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mypaylogin.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 14:54:49 GMT
x-content-type-options
nosniff
age
114550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 14:54:49 GMT
df8aed87ac8ae7ee783ff09fa6109cd9
secure.gravatar.com/avatar/ 		1021 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/df8aed87ac8ae7ee783ff09fa6109cd9?s=48&d=mm&r=g
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc
HIT sin 1
date
Tue, 23 Jan 2024 22:43:59 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="df8aed87ac8ae7ee783ff09fa6109cd9.png"
accept-ranges
bytes
link
<https://gravatar.com/avatar/df8aed87ac8ae7ee783ff09fa6109cd9?s=48&d=mm&r=g>; rel="canonical"
content-length
1021
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jan 2024 22:48:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1699 		407 KB
74 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&adk=1812271804&adf=3025194257&lmt=1706049839&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=1710&bdt=2197&idt=364&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5266943474363&frm=20&pv=2&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=429
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
a742e79e2f8c4d83bffb4016f76454be6ed699e52dd5d1bb3f67fb4c363a343f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
75500
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:00 GMT
expires
Tue, 23 Jan 2024 22:44:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FBB3 		91 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
57b1d194d4c8a9ba103d41d992bd3e4b1109669874d4a880a4942d860e45eb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41475
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:00 GMT
expires
Tue, 23 Jan 2024 22:44:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9DF1 		724 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=2019289390&adf=4098860367&pi=t.ma~as.8170439994&w=270&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=270x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=1&bdt=2198&idt=385&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=665&ady=3934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
f241066e580e5b1d02ac55e3c2c7d91ae93b705ee7690be72099d99c755aa593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
360
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:00 GMT
expires
Tue, 23 Jan 2024 22:44:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVcGrRkWObkO7IRlOLK5r46MR6Py3fF28QufbltEHJy_5n_k_oJQpEa90PB2PebBFi0Q8OgZR2N1ZwxDAYjXCtrM1HfLkNTg1Y3M3MhIZrLLI9LW4Y8fK_PuEuBbLjItvkljFWRtA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVcGrRkWObkO7IRlOLK5r46MR6Py3fF28QufbltEHJy_5n_k_oJQpEa90PB2PebBFi0Q8OgZR2N1ZwxDAYjXCtrM1HfLkNTg1Y3M3MhIZrLLI9LW4Y8fK_PuEuBbLjItvkljFWRtA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MDQ5ODM5LDg2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9teXBheWxvZ2luLmNvbS9wYXktc3R1YnMvbW9uZGVsZXotaW50ZXJuYXRpb25hbC1wYXktc3R1YnMtdzIvMjI3MC8iLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJ6aC1DTiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
16866aa41cfbebc6f3d0a6fdb70ac05c4c4dafe07b567be11f8abd735d723c5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jRxCqrJ-y-QC-hHKBjFuaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-jRxCqrJ-y-QC-hHKBjFuaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXFEKghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6O9U0H17IJvFj4bR0zAL8wWEI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVai2v3MAPNUawgM9P1JEnYrYqMaBf89q9LruUaMHhzUjVC6hTdbTN-REQNkhWz2Ou09gfKV_XXqlBlb1FkZRKZ4Q==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVai2v3MAPNUawgM9P1JEnYrYqMaBf89q9LruUaMHhzUjVC6hTdbTN-REQNkhWz2Ou09gfKV_XXqlBlb1FkZRKZ4Q==
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--yXhEfemvBnUZfE7XJkGOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--yXhEfemvBnUZfE7XJkGOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQJiIW6ODU0H17IJzFg7qR4AyeYbeQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mypaylogin.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUtCcevG6D5T0PZSP99yi2uvgifn0B-DN6c5b7lcvfYBPp4PCf8WFC8TZKDynuWXFr6mHDU6t4EjynAzK-41PnHQ0uf1VYk63EMO_LyQG7RCtMzNnaxhahaO7EfYAbV7Lzd42HqEg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUtCcevG6D5T0PZSP99yi2uvgifn0B-DN6c5b7lcvfYBPp4PCf8WFC8TZKDynuWXFr6mHDU6t4EjynAzK-41PnHQ0uf1VYk63EMO_LyQG7RCtMzNnaxhahaO7EfYAbV7Lzd42HqEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MDQ5ODM5LDkzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbXlwYXlsb2dpbi5jb20vcGF5LXN0dWJzL21vbmRlbGV6LWludGVybmF0aW9uYWwtcGF5LXN0dWJzLXcyLzIyNzAvIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwiemgtQ04iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
2be499b9fbb00bf70c7b435f13eb92ce73f3d1722dd5a183e7504052975beb26
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qx6PhExV-_MHks3h5OfgEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:43:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qx6PhExV-_MHks3h5OfgEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6O9U0H17IJ_Djz4ywzAMIMWKA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 		490 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=1.74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
e881bf089d326461acc37044e7090f49ffb6584af18a2343f6da6d95d7acde93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Origin
https://mypaylogin.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199721
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 17:06:52 GMT
wp-emoji-release.min.js
mypaylogin.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mypaylogin.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.192.23.231 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
exactly-although.quarantine-pnap.web-hosting.com
Software
Apache /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
public
Date
Tue, 23 Jan 2024 22:44:00 GMT
Content-Encoding
gzip
Referrer-Policy
Last-Modified
Fri, 31 Mar 2023 15:11:15 GMT
Server
Apache
ETag
"4904-5f8339ed7bc3b-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-javascript
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
5039
Expires
Wed, 22 Jan 2025 22:44:00 GMT
collect
www.google-analytics.com/j/ 		15 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=61049458&t=pageview&_s=1&dl=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&ul=en-us&de=UTF-8&dt=Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1805767846&gjid=599429137&cid=692948144.1706049838&tid=UA-122111422-1&_gid=1145980483.1706049840&_r=1&_slc=1&z=520514753
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
6c3c1a8c11f7de0a06fcd7662486b70e7e6820061df91ecc8702c02a1006d380
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mypaylogin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BMRF6YZ128&cx=c&_slc=1
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4e4b6537817087188f2b27bd665bda87fd649be4359c449649ef29242becf5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81469
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 22:44:00 GMT
udm-r3_v2.23.3.js
bid.underdog.media/ 		490 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.23.3.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=18969;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-64.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:01:16 GMT
content-encoding
gzip
via
1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 19:41:45 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
358965
etag
"0550b0566d3b7839b95eb11004434e2f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
163970
x-amz-cf-id
OxWAR67DOOHcZUujs8AAviFDdyLCIXvtzWEU23AslEdIE1yTg8zVzg==
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=18969;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 30 Jan 2024 22:44:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.31007576
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.31007576
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=62371258768408159;cb=0.31007576
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=62371258768408159;cb=0.31007576
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:00 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
an-x-request-uuid
8ec4ccb3-6204-4fe3-b71a-29d43e9b3f22
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=62371258768408159;cb=0.31007576
x-proxy-origin
182.55.133.166; 182.55.133.166; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTgyQjlFRTUtQjdBNy00MDBCLTk3OUEtRjdFM0E0NEYxM0Ex&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.31007576&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D982B9EE5-B7A7-400B-979A-F7E3A44F13A1&us_privacy=%24%7BUS_PRIVA...
  • https://udmserve.net/udm/fetch.pix?pmid=982B9EE5-B7A7-400B-979A-F7E3A44F13A1
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=982B9EE5-B7A7-400B-979A-F7E3A44F13A1
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:00 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=982B9EE5-B7A7-400B-979A-F7E3A44F13A1
date
Tue, 23 Jan 2024 22:43:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.31007576%3Bindx%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.31007576%3Bindx%3D&s=199174&C=1
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.31007576;indx=ZbBBMIpFRXEkccilE8pBJwAAEr4AAAIB
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.31007576;indx=ZbBBMIpFRXEkccilE8pBJwAAEr4AAAIB
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:00 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ean1jXjcPLR2%2Bal%2BPfxYm5y0bimTAlenW7d%2F0JnJk2ziPINrko484WkHOkNPElS3H8HnnGsktpk4qmx%2BkcQACRS4wKbjsQej1PaUbVoJJdk6%2B23fmC97W7Rq8gYMblHtd%2BrA3qr6oU9oCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.31007576;indx=ZbBBMIpFRXEkccilE8pBJwAAEr4AAAIB
cache-control
no-cache
cf-ray
84a38f0e1f5f40fe-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.31007576
  • https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.31007576&verify=true
  • https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-9D29.YpE2uLpa4Ag0lVhHUn8a.sEL.PA~A
43 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-9D29.YpE2uLpa4Ag0lVhHUn8a.sEL.PA~A
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:00 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-9D29.YpE2uLpa4Ag0lVhHUn8a.sEL.PA~A
date
Tue, 23 Jan 2024 22:44:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.31007576%3Bsonobi%3D%5BUID%5D
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.31007576;sonobi=6d34d8b6-6d66-4c9f-b9cc-94bfc2768202
43 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.31007576;sonobi=6d34d8b6-6d66-4c9f-b9cc-94bfc2768202
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:01 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 22:44:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-22
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.31007576;sonobi=6d34d8b6-6d66-4c9f-b9cc-94bfc2768202
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.31007576
  • https://udmserve.net/udm/fetch.pix?dt=1;magid=LRQY0YKI-14-9MXM
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;magid=LRQY0YKI-14-9MXM
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:01 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://udmserve.net/udm/fetch.pix?dt=1;magid=LRQY0YKI-14-9MXM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8ee3bea2ab086361542c3b52b688813
Expires
0
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://cm-x.mgid.com/4c7eda2d9428691cd8f54d15244a36a7.gif?ccpa=0&gdpr=0&redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bmgid%3D%5BUID%5D
  • https://udmserve.net/udm/fetch.pix?dt=1;mgid=138e98b6-f564-4793-9873-157063d7a67f
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;mgid=138e98b6-f564-4793-9873-157063d7a67f
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:01 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 22:44:00 GMT
Transfer-Encoding
chunked
Location
https://udmserve.net/udm/fetch.pix?dt=1;mgid=138e98b6-f564-4793-9873-157063d7a67f
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BMRF6YZ128&gtm=45je41h0v9106541458&_p=1706049837240&gcs=G1--&gcd=11l1l1l1l6&dma=0&tcfd=10000&tag_exp=71847096&gdid=dZGIzZG.dZTNiMT&ul=en-us&sr=1600x1200&cid=692948144.1706049838&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&dt=Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN&sid=1706049840&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4826
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BMRF6YZ128&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mypaylogin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		163 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
7c7dbd17e97eb9a10fe3bb5c4fc90cebdba9d641543bb7c98b9375bb2325b037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56679
x-xss-protection
0
server
cafe
etag
16186119640366742029
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 22:44:00 GMT
ca-pub-7507174334378103
fundingchoicesmessages.google.com/i/ 		183 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7507174334378103?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
7c49bd753274881f6db809246e4b9e32794a1ca11eb04d5e2a9033530eaf80cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ReC4IEsyLfsKGJbd67dWJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-ReC4IEsyLfsKGJbd67dWJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6ODU0H17IJvJjyZi4jALOBWAs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0ED6 		436 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=280&adk=2767623100&adf=1730821504&pi=t.aa~a.697687507~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x280&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840346&bpp=1&bdt=3131&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600&nras=2&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
565fc01023dfe762244eccd1b36f5dbd035555d3d5f5d844729d6b3660999202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:00 GMT
expires
Tue, 23 Jan 2024 22:44:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F052 		436 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=280&adk=2801471196&adf=871259380&pi=t.aa~a.2191923801~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x280&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840346&bpp=1&bdt=3131&idt=-M&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600%2C1200x280&nras=3&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
093044b345c60a942f6e9d9ac62f57354748094c3840f9424bd83622f87cbd0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:00 GMT
expires
Tue, 23 Jan 2024 22:44:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F5D2 		436 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=90&adk=3070604948&adf=1723979762&pi=t.aa~a.1594335910~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x90&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840346&bpp=1&bdt=3131&idt=1&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600%2C1200x280%2C1200x280&nras=4&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
bbd180482d27d94faf59a4c4d0e8acefab7c01bc7af4aec22e876277f98985fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:00 GMT
expires
Tue, 23 Jan 2024 22:44:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 74DD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
56159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 07:08:01 GMT
etag
3890843268177463596
expires
Tue, 06 Feb 2024 07:08:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 931F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
56159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 07:08:01 GMT
etag
3890843268177463596
expires
Tue, 06 Feb 2024 07:08:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 4CF3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
56159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 07:08:01 GMT
etag
3890843268177463596
expires
Tue, 06 Feb 2024 07:08:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 8A47 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
56159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 07:08:01 GMT
etag
3890843268177463596
expires
Tue, 06 Feb 2024 07:08:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBB3 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D2CqSRsn_lIH_RZk2OW6vBiMK20Vp0AIskV4NRChnO0P12_JQn_guBYSI-MVjLdikXb4yck7L6eEdmWm9eeZErekIBvMdeQXjw3lhmGlMBqIb5Smc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame FBB3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame FBB3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FBB3 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 22:44:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 75A0 		645 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPl86UCEOzRx6wCGPHZy4MCMAE&v=APEucNVKT7JThFjQFb5TysQ8gq_wh83Qtmnp_-w6QKbpVaQ4DUiinLxufbUiW38t9xcPoTXl0mh01eFUnMeeZfSZNMMjSszpYgFHCYKAoiKTMWdcvQ1Keko
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:00 GMT
expires
Tue, 23 Jan 2024 22:44:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame FBB3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
59595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:10:45 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame FBB3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
59595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:10:45 GMT
view
ad.doubleclick.net/pcs/ Frame FBB3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstQ7-5EPIlQXd7AKnChP990Z-1VAxyLKhZLoQY6A5rV3cJ0cWHzIsNT19qmeeKWYMy8F10c4kIPTKmPU9Zo7m5iGdOHQhfxzaqY4diL6HnMEiXDtc7E0tB0Z5F8L_uvOk132jflz5tUbqg2NvwM1JVkqFcn8-Di4vusNklN8ra-rRJc-KmYPdlSNa_8DCUH1jM09eTq2X2ThQSbwd_x4Yfs2B83DIKco40iKlDWIc7sLP0Obof-LIPir-ysB0PxPxmlv9P-mPPoAbz61UaalovIi52chcwzYUJu-lYgGZ6UVNa_b8ZwBnNQJFeDv-2Rh2l3pbd1EnpGg2rG4Wh_DxlYp_48BWo190YxzQQ5-EGbAYGsgqc0J9nuMmHjE-QqkCrSBoBv1srXFWMTNwHLdLNyXk1Ft9Xs7CxNAeK8UKMmGbqaBcdOHINy5Rbskcgyq3gc-MO1ZcZPORLwUWbMQjUuEa43FqXCwNPtEZ1zYxinbr0sYKVs1f9Am9yAdNj_aiUkRTmSYbWLR6CZzgd_Siqcw5MbAhuk97HIow32JnFNuewPBgQGjtmgslzuGy-IBLLUb2-y_Mf9W9ZuMPr_gPMaQ0m5UoAA8Dyb2mMGK42d7VkWkKbi8gRYUxWSodha7eEVATjyeVVimRifuMZ--B7_fB3mdBBJ42TpKgAAcvh-KPdCFBX76vP-AghCuu7LKYoKGmC7zbV_kGu3hBKzCRazFAiPum0nUx7bL9Nqka_ToAsLsW5tRDcq7M_TA5_wPqyg26MG1rm5AZQCnvAaFFVi0kp00gsUckro5AZv4-Crc6t62q0kVqfBoHQ06VKGGg21zLivuWB5v8lgX4DChC46PB7jVyf0zZKQzm9zNSdWbzJINWw6JPS-bslKHxzKzYu45MGblNLgiYvYSyJGhAuMexZNVYUzTHcqTSKRh6y83x8qrQfoEjzTKzpuO_yoRJ7zgvxlafNMOAfA52HPhyv-du-jbkac3r8bO6zS-a_FLIWDA7sdhjBDZhFevKQnydRsFj7pxCOyGpaeSRSEoxAx7c0xAgMDqeCafQEw_P0e-JlKNfIYrC5gF6cM4NLHJqQDWeOogzlMUs41ds-vd_Ndw30McQ2uBUHFS4l382qYxgkj9tGOzNFE1vmipgf0aDxaz-cOZRUYH_ZVleFNM3gyi5z6cVpsbiQDHC1k6QpYa5tmMz-KDsEOQQZH7vl6C8Pbr9FYIDKYI6lWx4s7I9OwNTUIFFASLJl9JFHytRRElU4AafbnWJVOUQwYZLN376HdU33CPAlEyEj28iitftKqSdHv-A3tFE6U0JVK_bRkLSw9kH4OYhzC9xEfOZiie_z-&sai=AMfl-YQFy_GsRadOGp1FK_BxeioyZUsHyaElk8JfIAir0hoC6E6Rn89F9eFVHA21ddvExa8Z1XBATY8RY0oTIK4rafB68kzuQUI972jKZ7zH2QHj8fpGQmN1rJBylXhEyh1voLt4OS_RKxZvOvTka6D8_75sqL-DLEZQcqq9z83EejTSgz4KA04XR1OW63mDlC88JDmF1xBpXjCkQMxY2L76dK2RW-OIA4UZ6tPAaSqDFme0apUxIe0yCC5C2ZpakjWNnXW9aguU9rg5i-OoRFh5nBfBxJp7BlLtwfy4PPS-jUSBQnXwHLKGwZJncSjQyb_pyQnOJYHxAcDjxpHUThPo6T2L-bV_Gi3R_pUSccyjePCjSlrHQUhOwrhAcLALiVqoQAbZPVok3x83sEwgSv1R65aLOiWiiGAklhG8tVQtBB_EJKFYolZ3t3auJWR1Pg0W_zmI-nir_4JV2JvYrhM6IKtwMS_3V50et273F4d6oKk5BlqmtJ9_QXBrK0LJn3kS-hC0e2U&sig=Cg0ArKJSzMTOiq7cdurbEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vcmFjbGUuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20240122.85695&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 22:44:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
moatad.js
z.moatads.com/zenithglobaloracledcm444268370365/ Frame FBB3 		339 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/zenithglobaloracledcm444268370365/moatad.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
42f4e997d62b6f60b1fd3c34a4cf4a516d50de43e11861d2a1ddd2c3a830d374

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 10:56:26 GMT
server
AmazonS3
x-amz-request-id
KBN9W9J2PPRXE8SG
etag
"e667029a251ded50df068153fdb1b4b3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43760
accept-ranges
bytes
content-length
117187
x-amz-id-2
MlJpUSVNVl96/rkccq89nw7f1V4s+BZ9Rj4gxsHWaqCik094WykcT3w+XSW4lLV6zBMOrryYT4k=
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FBB3 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 03:24:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
328775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 03:24:25 GMT
406587087795472235
s0.2mdn.net/simgad/ Frame FBB3 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/406587087795472235
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
54329f087a22b175287800c3ea8d495a49351478315295b9738ab3ff1016ecbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 23 Jan 2024 22:44:00 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68437
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 05:44:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Jan 2025 22:44:00 GMT
89733
stags.bluekai.com/site/ Frame FBB3 		62 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/89733?phint=event%3Dimp&phint=aid%3D1106306&phint=pid%3D385871515&phint=cid%3D30854470&phint=crid%3D208358873
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 23 Jan 2024 22:44:00 GMT
content-length
62
bk-server
22bc
content-type
image/gif
css2
fonts.googleapis.com/ Frame 74DD 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 21:03:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 22:44:00 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 74DD 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 12:52:48 GMT
x-content-type-options
nosniff
age
294673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 19 Jan 2025 12:52:48 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 74DD 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 23:06:33 GMT
x-content-type-options
nosniff
age
171448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 20 Jan 2025 23:06:33 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 74DD 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6870
x-xss-protection
0
server
cafe
etag
16407976921096022632
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 14:11:45 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 74DD 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 12:29:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
36869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9462
x-xss-protection
0
server
cafe
etag
4236850132385514013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 12:29:31 GMT
viewability-pixel.js
widgets.outbrain.com/viewability-pixel/ Frame 0C28 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
content-length
1594
last-modified
Tue, 26 Sep 2023 12:16:31 GMT
server
AkamaiNetStorage
etag
"706f86c4827fab44c1c97efcf7add178:1695730691.134216"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Wed, 24 Jan 2024 02:44:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 0C28 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 0C28 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0C28 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 22:44:01 GMT
71cf7bba6b58f1e68880eeb4f649bfa511.jpg
zem.outbrainimg.com/p/srv/sha/c2/40/88/ Frame 0C28 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/c2/40/88/71cf7bba6b58f1e68880eeb4f649bfa511.jpg?w=120&h=600&fit=crop&crop=optimized&q=45
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
7f4a1ba88401252d0d2b02d38d90a35726b6ac465b64aae6c2cdae67a45877c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1007943
x-cache
HIT, MISS, HIT
x-imgix-id
79f5440d5c1958cf31ca1392c0611d3394d73ae4
cross-origin-resource-policy
cross-origin
content-length
10930
x-served-by
cache-sjc1000093-SJC, cache-qpg1282-QPG, cache-qpg1278-QPG
x-imgix-render-farm
02.139816
last-modified
Fri, 12 Jan 2024 06:44:56 GMT
server
Google Frontend
x-timer
S1706049841.644381,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
71cf7bba6b58f1e68880eeb4f649bfa511.jpg
zem.outbrainimg.com/p/srv/sha/c2/40/88/ Frame 8271 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/c2/40/88/71cf7bba6b58f1e68880eeb4f649bfa511.jpg?w=120&h=600&fit=crop&crop=optimized&q=45
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
7f4a1ba88401252d0d2b02d38d90a35726b6ac465b64aae6c2cdae67a45877c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1007943
x-cache
HIT, MISS, HIT
x-imgix-id
79f5440d5c1958cf31ca1392c0611d3394d73ae4
cross-origin-resource-policy
cross-origin
content-length
10930
x-served-by
cache-sjc1000093-SJC, cache-qpg1282-QPG, cache-qpg1278-QPG
x-imgix-render-farm
02.139816
last-modified
Fri, 12 Jan 2024 06:44:56 GMT
server
Google Frontend
x-timer
S1706049841.644379,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
viewability-pixel.js
widgets.outbrain.com/viewability-pixel/ Frame 8271 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
content-length
1594
last-modified
Tue, 26 Sep 2023 12:16:31 GMT
server
AkamaiNetStorage
etag
"706f86c4827fab44c1c97efcf7add178:1695730691.134216"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Wed, 24 Jan 2024 02:44:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8271 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 8271 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8271 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 22:44:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C137 		489 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNXzAE1Sx86_bYCEupyGw5v4XWFLRBy4XOmO3-cyyK1tQAARsOd2YSOpk1Hxu1q88kP83PaBR2xA7T-xnWYENMPAMnPBy54H-SaNYbIGsw_tuVS4tNU
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
7a98efbd48e727770b5d6f5bc67c24a9b37d4e95ef05d0b2d81362e16ee0f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
187
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AE12 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 22:44:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1525559/72176526/xbbe/creative/ Frame AE12 		278 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7507174334378103&ias_chanId=1&ias_placementId=20262206047&bidurl=https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0inKlnRlpSirduXiMAPjLHd
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.150.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-150-10.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2e1e8fbe9df3402112a969fdcea480c561cd54897118f937b1b256fe9c7974f7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AE12 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame AE12 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AE12 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 22:44:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CpvxehHlJAVSDePTZOV0CJAm8dczDt_IWrQezBwBXQGyT4gTNxnlDCvFl-w1YwNOioT1V_OxgsdpDaEUzGfuVOTmz5MUoB8d322-lUTIiNLzQtMn0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 75A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNHoSuOwpBlvXMeSD8UqmI&google_cver=1&gdpr=0
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNHoSuOwpBlvXMeSD8UqmI&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPl86UCEOzRx6wCGPHZy4MCMAE&v=APEucNVKT7JThFjQFb5TysQ8gq_wh83Qtmnp_-w6QKbpVaQ4DUiinLxufbUiW38t9xcPoTXl0mh01eFUnMeeZfSZNMMjSszpYgFHCYKAoiKTMWdcvQ1Keko
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1q7LtFDN5IlxY1RXNAI0nLk5DQY6V9BoSryhy8wdo185Pvo%2F2tt45IQxXLsOtc93Tm11Us3yX7orrucjV7P9oyAkDOsgOb0uJLU3a2K4M1bllfcV%2Fe2c9QYww6C3kNAbYwBR8R3U34Nw%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a38f1028c240fe-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJNHoSuOwpBlvXMeSD8UqmI&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 75A0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbBBMIpFRXEkccilE8pBJwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1
43 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPl86UCEOzRx6wCGPHZy4MCMAE&v=APEucNVKT7JThFjQFb5TysQ8gq_wh83Qtmnp_-w6QKbpVaQ4DUiinLxufbUiW38t9xcPoTXl0mh01eFUnMeeZfSZNMMjSszpYgFHCYKAoiKTMWdcvQ1Keko
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaOAn%2FMYK0K9V1OKeVTZ0hL0zilYUjJ3EwfwVoPANGM9Gor2hswwiEdfRKh%2FaTmekZN%2FgEb5i2S3bo2nRwo%2F7fk%2BxbEh%2FsW2%2Bnfv92w81ma5PzoYjHxrrRv4OwLmZBZZTrc51QgCGbXRlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a38f110efb44c1-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 75A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFrmjSEPL5TFuioTIkn6BxI&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFrmjSEPL5TFuioTIkn6BxI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPl86UCEOzRx6wCGPHZy4MCMAE&v=APEucNVKT7JThFjQFb5TysQ8gq_wh83Qtmnp_-w6QKbpVaQ4DUiinLxufbUiW38t9xcPoTXl0mh01eFUnMeeZfSZNMMjSszpYgFHCYKAoiKTMWdcvQ1Keko
Protocol
H2
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
an-x-request-uuid
e6e28838-ea3b-48e1-874b-f509bf8c26ec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
182.55.133.166; 182.55.133.166; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFrmjSEPL5TFuioTIkn6BxI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 75A0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzNzEyNTg3Njg0MDgxNTk%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzNzEyNTg3Njg0MDgxNTk%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPl86UCEOzRx6wCGPHZy4MCMAE&v=APEucNVKT7JThFjQFb5TysQ8gq_wh83Qtmnp_-w6QKbpVaQ4DUiinLxufbUiW38t9xcPoTXl0mh01eFUnMeeZfSZNMMjSszpYgFHCYKAoiKTMWdcvQ1Keko
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
an-x-request-uuid
a43ea6d2-9569-41ad-bc46-bfb047fc9980
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzNzEyNTg3Njg0MDgxNTk%3D
x-proxy-origin
182.55.133.166; 182.55.133.166; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame C137
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm&gdpr=0
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESEHGtnx-VGJfeQdtmOcMXkkE&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESEHGtnx-VGJfeQdtmOcMXkkE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNXzAE1Sx86_bYCEupyGw5v4XWFLRBy4XOmO3-cyyK1tQAARsOd2YSOpk1Hxu1q88kP83PaBR2xA7T-xnWYENMPAMnPBy54H-SaNYbIGsw_tuVS4tNU
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESEHGtnx-VGJfeQdtmOcMXkkE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C137
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1&gdpr=0
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNXzAE1Sx86_bYCEupyGw5v4XWFLRBy4XOmO3-cyyK1tQAARsOd2YSOpk1Hxu1q88kP83PaBR2xA7T-xnWYENMPAMnPBy54H-SaNYbIGsw_tuVS4tNU
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp4KaFmFq3M6Mj3rSyQ%2BkqroDgJz8b8puFsDey4Bt%2FZyHfkZXpm5ie368a8m9g49Vg0OK%2FVV2xG%2FLwG7GF7XiCKPAxM21XnWD%2F%2FGjGB699JqpAhXugB9Z0dcIOZ76jfkC%2FFjcJB75DUG1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a38f110efd44c1-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C137
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbBBMIpFRXEkccilE8pBJwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNXzAE1Sx86_bYCEupyGw5v4XWFLRBy4XOmO3-cyyK1tQAARsOd2YSOpk1Hxu1q88kP83PaBR2xA7T-xnWYENMPAMnPBy54H-SaNYbIGsw_tuVS4tNU
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJBetK5FsyKKF5Xrp4k3Ez3smFhRTOujAqqvM4vCbUQcLvkUSPxJvv4urN5z18AJB2ff9TGsJQVp65nEI4svZqQkf%2For6hlFriBKwmniKDBw7a08O%2B4VvLFLdN06JaoxvWSkFX%2BougbigQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84a38f121fbb44c1-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRd3un-5KyJp3qHqFslDEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:48:20 GMT
via
1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
3342
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:21:01 GMT
server
AmazonS3
etag
"435cbd9bc4b3440e866ad1f4f7d1ef02"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
nsHLQQseHuEhD1nMSfmAjwGUH5CFis_OOUErtmSKZkPft385uYaDqg==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		160 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:48:19 GMT
via
1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
3342
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:00:33 GMT
server
AmazonS3
etag
"eee1bd1fc55b604b66cd9e63c4f811b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
HyzvU1sVyulTCsLmYrei_7r5aHPcy-CzgiMkL8wzIsx8ESi3YSb78A==
bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
bid.underdog.media/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-64.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
388ab5d34a16d8eddc6228744d69f2f89f21ece418dd78862b232766712e33c9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:34:51 GMT
content-encoding
gzip
via
1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 22:30:08 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
549
etag
"7b6db44ac4234e7f1b5e03ada134c65c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
2323
x-amz-cf-id
1GVm6JKhFw1GkK7Dy93F6wITLIO6ln7YJ2UH10YnbE1V7f6A58tkWw==
rrv7.js
bid.underdog.media/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-64.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f376de1bb835d16e1af993423ae06119f7ecd9fa8c3d3bad5d03255ad4bab1b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:14:20 GMT
content-encoding
gzip
via
1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 21:00:03 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
5381
etag
"a6a6644000f1ed524bbc92645e855635"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
1034
x-amz-cf-id
NXmfwCVo_0WSTtCEDqO4dQpNAmrxRfTkvGpasJpDWqOIdGol3FVmiA==
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.8.0&cb=27219390063&lsavail=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mypaylogin.com
date
Tue, 23 Jan 2024 22:44:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		389 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012&size_id=2&p_pos=atf&rp_schain=1.0,1!udmserve.net,4013,1,,,&eid_pubcid.org=432f6371-3601-47a6-b08c-f4901c8f08d4%5E1&rf=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&tg_i.domain=mypaylogin.com&tg_i.page=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&tg_i.pbadslot=slider-middle-728x90&tk_flint=pbjs_lite_v8.8.0&l_pb_bid_id=54165f2eca10c6&p_screen_res=1600x1200&rp_floor=0.021978021978021976&rp_secure=1&rp_hard_floor=0.02&rp_maxbids=1&p_gpid=slider-middle-728x90&slots=1&rand=0.13102562202184354
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e201825fe4d51c3e08748ab335945d9762356d91c62ee1fb4e0ef2077b7c9561

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mypaylogin.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
389
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		862 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
eccb13f25f7c893a7a11cf4b52e6b6f2129ad368c62e894e707d814fb9dd09cb

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mypaylogin.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
128
content-length
566
arj
underdogmedia-d.openx.net/w/1.0/ 		174 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-480&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1706049840788&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&pubcid=432f6371-3601-47a6-b08c-f4901c8f08d4&schain=1.0%2C1!udmserve.net%2C4013%2C1%2C%2C%2C&aus=728x90&divids=slider-middle-728x90&aucs=slider-middle-728x90&auid=558951699&aumfs=20
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7163651ced123cbce9a2b5a074444bcddd2d68512e4ba771c6f7244684ee5a6e

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://mypaylogin.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
baae2691610df9a5db72078c9fcee0b792bb3675eff6640f7f6531992d05a44d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
gzip
an-x-request-uuid
9bcecbfb-35ef-49c8-86ce-14fdbc0566c1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mypaylogin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
182.55.133.166; 182.55.133.166; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 9BA7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 16:11:13 GMT
28f12ab4430160ff951d347f758c0661.js
www.gstatic.com/mysidia/ Frame 9BA7 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/28f12ab4430160ff951d347f758c0661.js?tag=leadgen/frosmoth_image
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
80be6b743dc602a53fa769ab4661a65895d5d6a41b1b443d2272eaf8d61aacd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 15:58:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42749
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 15:58:07 GMT
d0c418fd7c3c9b1fa25e4b07b8f8ee33.js
www.gstatic.com/mysidia/ Frame 9BA7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 17:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8305
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:36:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 17:15:40 GMT
css
fonts.googleapis.com/ Frame 9BA7 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%7CGoogle%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
8936a6938f2dc15cb1bab8b433e906b86cb94cdc559de5a580e6eb434749b79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 21:31:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 22:44:00 GMT
mdc_list_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 9BA7 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 15:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
27828
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6467
x-xss-protection
0
server
cafe
etag
4758454654811317262
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 15:00:12 GMT
mdc_menu_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 9BA7 		51 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 09:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
49136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11146
x-xss-protection
0
server
cafe
etag
2759356358486721826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 09:05:04 GMT
mdc_menu_surface.min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 9BA7 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:09:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4739
x-xss-protection
0
server
cafe
etag
18373107336927916518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:09:54 GMT
mdc_select_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 9BA7 		103 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
40925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18791
x-xss-protection
0
server
cafe
etag
10996637669125113147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:21:55 GMT
mdc_textfield_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 9BA7 		58 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
40396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10107
x-xss-protection
0
server
cafe
etag
7588401036457704084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:30:44 GMT
mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 9BA7 		31 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:34:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
22167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3021
x-xss-protection
0
server
cafe
etag
18113988596513574663
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 16:34:33 GMT
mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 9BA7 		3 KB
872 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
40468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
766
x-xss-protection
0
server
cafe
etag
14497039402300002370
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:29:32 GMT
mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 9BA7 		2 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:28:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
40560
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
611
x-xss-protection
0
server
cafe
etag
18268606943400439583
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:28:00 GMT
mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 9BA7 		37 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
41152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3940
x-xss-protection
0
server
cafe
etag
17986137158686949241
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:18:08 GMT
mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 9BA7 		51 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:25:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
40722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4595
x-xss-protection
0
server
cafe
etag
17552977722549843295
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 24 Jan 2024 11:25:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9BA7 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 07:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
53439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 07:53:21 GMT
e9e356ec41155b008235c83648cb19be.js
www.gstatic.com/mysidia/ Frame 9BA7 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9e356ec41155b008235c83648cb19be.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9775
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 21 Apr 2024 16:01:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 9BA7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
58246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:33:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9BA7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9BA7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:16:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
59238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:16:42 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9BA7 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
sffe /
Resource Hash
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66080
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705966741457425"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 22:44:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		0
52 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6575260646613&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6575260646613&version=m202309260101&ct=76&x=1&cor=14846434998272092000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AE12 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAcr1vS7qd_JfGK_Ouulz6-6v7WfaPu6bGj69IrnTIjcU9ki7H7gFBHgONQ4JnawAgt-lQ7nz6SFoAR8vrSoM9petweBjUFCH5e_bP9Yu0GYT8IXeuI8i2YgZ8zFIEbBCL5fwXBtsNyA8sMAv5FqYR2SOifXBrHrdXIj2_sm2JM62aESk&cry=1&dbm_d=AKAmf-CINP_CGhiB6InlDJBuhWMgsX4quykLIk0CcyFMD4Ilw-_in8B76x1eth-0QDji31LbJmsFY26D0Z1JSp7lprEa1Y2xhi4iCE3uOka33On5z1dxQ5YyGygoXB5K37tp2gM7Fy7fFC2V_l5IWHxjf_ZxpfI4IQZdPQAquYXNTfpvWsb0fK3QNNGSQKjcFbSPM0STlNwdB4A1uAIukz5pXYaZhF-jS6Qy5zedPYSEdgAy8OXTBhqq8jeH-w0o9r6J4ktPuoPdt2aHyQ9u4wiJLjw9KmumiTvB30RtuVSnPVP8CI8N5baJ4pnFRUjVyDkIrFGvyAr2vVL8rkrWELHdWmdRRZ0JaBO8aXYwPlEfJ9unoQUDPErOSDTffXsRB7HMeb3wqMLaadYzdn4qBDpsy1Ejh7Q7UfQ_0tBX1vA1AuGIYJsXKR8cmFmUMev9Ju4jRlqXAhcI5kJhPRRV1UvQHgi2xc77YUTVMPArREC2FeoervHSx1lNsJpKLNwdadxfwTwQIF1gRTAqAVpCuHEy9h_AiH2R6rQZBiz5sNCMBOS87wuWNH13T7HEdkpu8a3vKjAsjMaEfnhJOW2sALw-3eVpVdqwjzh4_jcTde1RLZXsuOALCe9DGdxwra57plRvyZTUsDNgTHuBCyT4h8LyQ6dABytK0WPnZ3Y5Mw6b8pcio1Hbo4zfGmom8Se_GJOeFBhB0jiFzdcUa2dcnnapKloZxVyeDpVHM2QzNKo7PStLhl-DhD5k87cmzUCH1M-CvUWMUJaoLoW9nvtgTCuBpGQlsC7arMBNlGbG0Y3UvQaHdcWNaW0ziLhoPkSzILSHkHrFCTBTnrM9ONqrxgyJEpzGmDkxZavl5JGCh9xd7dukEuBB6Z1wNrd0LcgSd9haZIoKNJ4dgE1AgplFmabczD5fdN-gNWpjOHZEzsC_P6X2gilyIc1I6GT7q4m9JJ6oZjuw0O5K9CD-p8-Sp5dadOfGbJsuJOGcAw1VtLjMYC1ayMDAMfrxMO5J79tOFmm0FWiwFI-HmnRhu0b0dX8QdvS9pMTpnNHGS1CnyeYqVEmIcIsXpg3PTYukDPmhucTVNcnx36wQ98bOsezFLBBTRKhj5hsJ5FrCRfYytmo93LY9CY5H7UrBNpRiMB5vKrNFbXPvQ8qQ3K-5PrT1F7OxTn8vqYCcV6mO6CWvc2IiPWS7Bl4UwJ8l79iAXv_FiOPzi4l0vFu8q8IPK9h6Tn9bO6xxWmFWzDX03iNhWG0pKZpf2-eks8hOYOkdNuQ-vvEPWN35YsfwHH6jWQjBS70So2RDuXfNnkWtyX43q-vrFv_Ye3B-alu5emk1GrOb728c0Gr5HxsHKIr2M5mviNs59Mvc70iCQq_Z7JNyBwXZbJ-j6hK0Fmv0LOYxHZsSkt2WwGE3SG-xxOARtb44H9ohVOTamo1kVR6zLBiLNn4_l3oAp5w-VKcl3ZgTn3tN9EwX7ReAvB60vmRL-LfxpRAMOM3LgJEn0nCCXc6ymXiG_jqju1tUxMj8oJR0AM41J1cm6XD_qLa0n45HbUbxB34YsWoPLzTfGRfJLX4EMCBdlIXELZo0jYSbS8-tjPvZflxZT-SGz9wbk4IkKCS7xn2M0tdUA2lJuYj-j9TWwxUOEGUbs0Pazp1IB_s0FcwBn-ucC7Pvxk9c3OireO17G5eBsjDzeC6iZObk0Mb9bdWv28Hqe3Ze0wpMeilx42IHoyjQ4u6d_ZUVPb_Xs3kSbVtb9KfJczVLQqUm8Oe7fRX0js21XuxaaZ2svtg65Cv-zj1if5rDfSbJJm4UXwEJ2v99EKNil6D2T81QLJbHJcro3uRapc6JSz36l8EwTVJr_egJVdEHWkXRPclETghlfhjIlc9eJYddYj3ucqOVMitkzSIfEe5uh89Ws1Mp-digzgryumr2hJR6tOyug1fGXqZIkrC6rlSoUBkZ5Xfu4cpihm1VnArKlbPHqml49v6A71BKSGAm-FfbdETFP1xSfkA-X9zsM6TqANwCIo6CLLDk9UI92RjBKLURkHEO2DJ-AWD8I1dLEzXKEmizmZnvksHwdyWnDKJi97Wi4qRirL5UwtfNl_EHY53bHZVBvjyJYO0ZCf--DBRCWa443J1HNdmEmr5xIdNrnCx0bKwFjwcYbFv5ndr6ecIuvuV-xkA4XS9zZZ8OCjCrSmRkt86c9aWPy7rukcL_hnyEDGyblkd4YS_s0O3fcjVM6NOH6kggvUKBArDEVVpEfqIZzSJeU-ihvVyvMaxNTtf7Dcfuc1pGuSjb72hzrXdPrEaSUO1exwke2Gu9bKeLdVe6Dju4WyLefT1f4MM9kr7mbxfTRzEMvi2WHsZMvJ1aPrM9kNdOSEYpD4UFhV2ETsOJ-RH7hNz3aZ9uGPJN3TxfjeDO_uNcOYCPCET0aQ2ZM7MjweM99u7b3VF3qz6zhGkyk6vPFFtf4-KyP6r0GDXj6PUPYkjf8jW90xcQBb9jrHtcMkUoRZ0Apa47n5sgD-1PwvK_BJUK3Sd9f2USjFcxcKMO74PirCjZilzZsxKt_feVkI4oNi7oFyecXYOtK4PrVJcotcYlo4dqicuir2lZ93ddjf__JwRDSalEfhlc0twXe8daZMTHbWGLOGdFoR-DOI1vsglqagu6KLO4i6WaB38Iik3Ni47_wbDctJE_gMQDQcuHy73qKjQwNIBxT1dB5OSn24pwXGLCJ1d_4CVabcC1xR2FnpEVnuFfG1tZdbBQlJnzbAmYe0_yohoC2Nx2P3IN0yBH1f0yknBAi0vEqKdzL4HG8tirOKpJyC4PoBI2QBzf401GXDgIFj9PlWxv6biIcvm2tbnaZqk1xBs2mZdGobhYLh83wobiBqfYabIHymatqQIpCiZQIX_f_4r1ijACfiJ0gnAJYhnxAC2sD9YsrrcoSgAgLraCsk4Owbwinz0Bo8rc9Xfg-NEMo-KBx0rWE4vuRxMqhoZtfaZRNMQqEQWrjR2R4-ykiOqwO57dS_QJ8ZvAnClTvvn9&cid=CAQSTgAvHhf_7bNfcGWqOMlMcORGvNR2XwoPTkOFyesG_ksLOm1VbKns3AES3zEqYNixuOFNVvaZ4sSONOjFhI1mlwOw4wWJST9IqNn0xvoYORgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fmypaylogin.com%2F&ds=l&xdt=1&iif=1&cor=14846434998272092000&adk=1405019968&idt=39&cac=0&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
8faad5c17793080e6d73c4bfc50a4eb37829582de2521021edf69cf5e5488ab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exoclickright.=adspremiumplacement&yourtango.com
fundingchoicesmessages.google.com/f/AGSKWxW4YBpyNg2tbLHiFYQ6Xl9E4ueHWvoABzvps0DFIRorSXEbdz67h0HeGSz_wCvR0V2z93cmaVtfUzxfRUPDaAbN5QZWaRfwfieswv4yRCNE10emWbiPbuN4CCKGadjoe6oiM2TY-4G6JNLDFPWo1ynJBJ8g1... 		54 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW4YBpyNg2tbLHiFYQ6Xl9E4ueHWvoABzvps0DFIRorSXEbdz67h0HeGSz_wCvR0V2z93cmaVtfUzxfRUPDaAbN5QZWaRfwfieswv4yRCNE10emWbiPbuN4CCKGadjoe6oiM2TY-4G6JNLDFPWo1ynJBJ8g1WicZ6J88f_46ANH-3YfKWnVCSTd1ZU3/_/adcash./admixer_/exoclickright.=adspremiumplacement&yourtango.com
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzAfoTxIl9osQRxMclx4sZPz8pDug/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
05442fe50b20efb5c302cf1b3e04981f99b523889b6cd7933b277c8a7e5cf6a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V4wasWBy6dmc0zyFuj0Crg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-V4wasWBy6dmc0zyFuj0Crg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KkhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZiIR6ODU0H17IJ3Di8YTUzALgrWAQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzAfoTxIl9osQRxMclx4sZPz8pDug/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
74564
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 02:01:16 GMT
AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
fundingchoicesmessages.google.com/el/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8CgE1SEDB6xG6ZsYeldqiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-8CgE1SEDB6xG6ZsYeldqiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQJiIR6ODU0H17IJzHj2YA0zAOVnHCk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mypaylogin.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ZENITH_GLOBAL_ORACLE_DCM1&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fmypaylogin.com&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&m=0&ar=805b0ce1b97-clean&iw=0eae4ac&q=2&cb=0&ym=0&cu=1706049840874&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=1106306%3A30854470%3A385871515%3A208358873&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&bo=6604461&bd=mypaylogin.com&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&gw=zenithglobaloracledcm444268370365&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jh=-1&jm=-1&mr=0&ml=-&fs=207009&na=1726173965&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 306F 		436 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=90&adk=3070604948&adf=3048218963&pi=t.aa~a.572715990~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x90&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840352&bpp=1&bdt=3137&idt=1&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600%2C1200x280%2C1200x280%2C1200x90%2C1600x1200%2C120x600%2C120x600%2C728x90&nras=9&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4243&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=8&fsb=1&dtd=627
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
f7e21269a2940988509d4b732cb8d7f04a0a6aac8ad2474df6c0feff23af69a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 82B1 		436 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=90&adk=2743202993&adf=1056458448&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1706049840&rafmt=1&to=qs&pwprc=5353064814&format=1200x90&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049840349&bpp=1&bdt=3134&idt=1&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e0f0917d1d54923%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw&gpic=UID%3D00000cee6cc72bf2%3AT%3D1706049839%3ART%3D1706049839%3AS%3DALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA&prev_fmts=0x0%2C300x600%2C270x600%2C1200x280%2C1200x280%2C1200x90%2C1600x1200%2C120x600%2C120x600%2C728x90%2C1200x90&nras=10&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4353&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=9&fsb=1&dtd=636
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
af0c046f44414343cbaa5f2e1382974e26e3da25fe7bdacbac885b153addcd47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame FBB3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstQ7-5EPIlQXd7AKnChP990Z-1VAxyLKhZLoQY6A5rV3cJ0cWHzIsNT19qmeeKWYMy8F10c4kIPTKmPU9Zo7m5iGdOHQhfxzaqY4diL6HnMEiXDtc7E0tB0Z5F8L_uvOk132jflz5tUbqg2NvwM1JVkqFcn8-Di4vusNklN8ra-rRJc-KmYPdlSNa_8DCUH1jM09eTq2X2ThQSbwd_x4Yfs2B83DIKco40iKlDWIc7sLP0Obof-LIPir-ysB0PxPxmlv9P-mPPoAbz61UaalovIi52chcwzYUJu-lYgGZ6UVNa_b8ZwBnNQJFeDv-2Rh2l3pbd1EnpGg2rG4Wh_DxlYp_48BWo190YxzQQ5-EGbAYGsgqc0J9nuMmHjE-QqkCrSBoBv1srXFWMTNwHLdLNyXk1Ft9Xs7CxNAeK8UKMmGbqaBcdOHINy5Rbskcgyq3gc-MO1ZcZPORLwUWbMQjUuEa43FqXCwNPtEZ1zYxinbr0sYKVs1f9Am9yAdNj_aiUkRTmSYbWLR6CZzgd_Siqcw5MbAhuk97HIow32JnFNuewPBgQGjtmgslzuGy-IBLLUb2-y_Mf9W9ZuMPr_gPMaQ0m5UoAA8Dyb2mMGK42d7VkWkKbi8gRYUxWSodha7eEVATjyeVVimRifuMZ--B7_fB3mdBBJ42TpKgAAcvh-KPdCFBX76vP-AghCuu7LKYoKGmC7zbV_kGu3hBKzCRazFAiPum0nUx7bL9Nqka_ToAsLsW5tRDcq7M_TA5_wPqyg26MG1rm5AZQCnvAaFFVi0kp00gsUckro5AZv4-Crc6t62q0kVqfBoHQ06VKGGg21zLivuWB5v8lgX4DChC46PB7jVyf0zZKQzm9zNSdWbzJINWw6JPS-bslKHxzKzYu45MGblNLgiYvYSyJGhAuMexZNVYUzTHcqTSKRh6y83x8qrQfoEjzTKzpuO_yoRJ7zgvxlafNMOAfA52HPhyv-du-jbkac3r8bO6zS-a_FLIWDA7sdhjBDZhFevKQnydRsFj7pxCOyGpaeSRSEoxAx7c0xAgMDqeCafQEw_P0e-JlKNfIYrC5gF6cM4NLHJqQDWeOogzlMUs41ds-vd_Ndw30McQ2uBUHFS4l382qYxgkj9tGOzNFE1vmipgf0aDxaz-cOZRUYH_ZVleFNM3gyi5z6cVpsbiQDHC1k6QpYa5tmMz-KDsEOQQZH7vl6C8Pbr9FYIDKYI6lWx4s7I9OwNTUIFFASLJl9JFHytRRElU4AafbnWJVOUQwYZLN376HdU33CPAlEyEj28iitftKqSdHv-A3tFE6U0JVK_bRkLSw9kH4OYhzC9xEfOZiie_z-&sai=AMfl-YQFy_GsRadOGp1FK_BxeioyZUsHyaElk8JfIAir0hoC6E6Rn89F9eFVHA21ddvExa8Z1XBATY8RY0oTIK4rafB68kzuQUI972jKZ7zH2QHj8fpGQmN1rJBylXhEyh1voLt4OS_RKxZvOvTka6D8_75sqL-DLEZQcqq9z83EejTSgz4KA04XR1OW63mDlC88JDmF1xBpXjCkQMxY2L76dK2RW-OIA4UZ6tPAaSqDFme0apUxIe0yCC5C2ZpakjWNnXW9aguU9rg5i-OoRFh5nBfBxJp7BlLtwfy4PPS-jUSBQnXwHLKGwZJncSjQyb_pyQnOJYHxAcDjxpHUThPo6T2L-bV_Gi3R_pUSccyjePCjSlrHQUhOwrhAcLALiVqoQAbZPVok3x83sEwgSv1R65aLOiWiiGAklhG8tVQtBB_EJKFYolZ3t3auJWR1Pg0W_zmI-nir_4JV2JvYrhM6IKtwMS_3V50et273F4d6oKk5BlqmtJ9_QXBrK0LJn3kS-hC0e2U&sig=Cg0ArKJSzMTOiq7cdurbEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vcmFjbGUuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=483&vt=11&dtpt=481&dett=2&cstd=1&cisv=r20240122.85695&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AE12 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAcr1vS7qd_JfGK_Ouulz6-6v7WfaPu6bGj69IrnTIjcU9ki7H7gFBHgONQ4JnawAgt-lQ7nz6SFoAR8vrSoM9petweBjUFCH5e_bP9Yu0GYT8IXeuI8i2YgZ8zFIEbBCL5fwXBtsNyA8sMAv5FqYR2SOifXBrHrdXIj2_sm2JM62aESk&cry=1&dbm_d=AKAmf-CINP_CGhiB6InlDJBuhWMgsX4quykLIk0CcyFMD4Ilw-_in8B76x1eth-0QDji31LbJmsFY26D0Z1JSp7lprEa1Y2xhi4iCE3uOka33On5z1dxQ5YyGygoXB5K37tp2gM7Fy7fFC2V_l5IWHxjf_ZxpfI4IQZdPQAquYXNTfpvWsb0fK3QNNGSQKjcFbSPM0STlNwdB4A1uAIukz5pXYaZhF-jS6Qy5zedPYSEdgAy8OXTBhqq8jeH-w0o9r6J4ktPuoPdt2aHyQ9u4wiJLjw9KmumiTvB30RtuVSnPVP8CI8N5baJ4pnFRUjVyDkIrFGvyAr2vVL8rkrWELHdWmdRRZ0JaBO8aXYwPlEfJ9unoQUDPErOSDTffXsRB7HMeb3wqMLaadYzdn4qBDpsy1Ejh7Q7UfQ_0tBX1vA1AuGIYJsXKR8cmFmUMev9Ju4jRlqXAhcI5kJhPRRV1UvQHgi2xc77YUTVMPArREC2FeoervHSx1lNsJpKLNwdadxfwTwQIF1gRTAqAVpCuHEy9h_AiH2R6rQZBiz5sNCMBOS87wuWNH13T7HEdkpu8a3vKjAsjMaEfnhJOW2sALw-3eVpVdqwjzh4_jcTde1RLZXsuOALCe9DGdxwra57plRvyZTUsDNgTHuBCyT4h8LyQ6dABytK0WPnZ3Y5Mw6b8pcio1Hbo4zfGmom8Se_GJOeFBhB0jiFzdcUa2dcnnapKloZxVyeDpVHM2QzNKo7PStLhl-DhD5k87cmzUCH1M-CvUWMUJaoLoW9nvtgTCuBpGQlsC7arMBNlGbG0Y3UvQaHdcWNaW0ziLhoPkSzILSHkHrFCTBTnrM9ONqrxgyJEpzGmDkxZavl5JGCh9xd7dukEuBB6Z1wNrd0LcgSd9haZIoKNJ4dgE1AgplFmabczD5fdN-gNWpjOHZEzsC_P6X2gilyIc1I6GT7q4m9JJ6oZjuw0O5K9CD-p8-Sp5dadOfGbJsuJOGcAw1VtLjMYC1ayMDAMfrxMO5J79tOFmm0FWiwFI-HmnRhu0b0dX8QdvS9pMTpnNHGS1CnyeYqVEmIcIsXpg3PTYukDPmhucTVNcnx36wQ98bOsezFLBBTRKhj5hsJ5FrCRfYytmo93LY9CY5H7UrBNpRiMB5vKrNFbXPvQ8qQ3K-5PrT1F7OxTn8vqYCcV6mO6CWvc2IiPWS7Bl4UwJ8l79iAXv_FiOPzi4l0vFu8q8IPK9h6Tn9bO6xxWmFWzDX03iNhWG0pKZpf2-eks8hOYOkdNuQ-vvEPWN35YsfwHH6jWQjBS70So2RDuXfNnkWtyX43q-vrFv_Ye3B-alu5emk1GrOb728c0Gr5HxsHKIr2M5mviNs59Mvc70iCQq_Z7JNyBwXZbJ-j6hK0Fmv0LOYxHZsSkt2WwGE3SG-xxOARtb44H9ohVOTamo1kVR6zLBiLNn4_l3oAp5w-VKcl3ZgTn3tN9EwX7ReAvB60vmRL-LfxpRAMOM3LgJEn0nCCXc6ymXiG_jqju1tUxMj8oJR0AM41J1cm6XD_qLa0n45HbUbxB34YsWoPLzTfGRfJLX4EMCBdlIXELZo0jYSbS8-tjPvZflxZT-SGz9wbk4IkKCS7xn2M0tdUA2lJuYj-j9TWwxUOEGUbs0Pazp1IB_s0FcwBn-ucC7Pvxk9c3OireO17G5eBsjDzeC6iZObk0Mb9bdWv28Hqe3Ze0wpMeilx42IHoyjQ4u6d_ZUVPb_Xs3kSbVtb9KfJczVLQqUm8Oe7fRX0js21XuxaaZ2svtg65Cv-zj1if5rDfSbJJm4UXwEJ2v99EKNil6D2T81QLJbHJcro3uRapc6JSz36l8EwTVJr_egJVdEHWkXRPclETghlfhjIlc9eJYddYj3ucqOVMitkzSIfEe5uh89Ws1Mp-digzgryumr2hJR6tOyug1fGXqZIkrC6rlSoUBkZ5Xfu4cpihm1VnArKlbPHqml49v6A71BKSGAm-FfbdETFP1xSfkA-X9zsM6TqANwCIo6CLLDk9UI92RjBKLURkHEO2DJ-AWD8I1dLEzXKEmizmZnvksHwdyWnDKJi97Wi4qRirL5UwtfNl_EHY53bHZVBvjyJYO0ZCf--DBRCWa443J1HNdmEmr5xIdNrnCx0bKwFjwcYbFv5ndr6ecIuvuV-xkA4XS9zZZ8OCjCrSmRkt86c9aWPy7rukcL_hnyEDGyblkd4YS_s0O3fcjVM6NOH6kggvUKBArDEVVpEfqIZzSJeU-ihvVyvMaxNTtf7Dcfuc1pGuSjb72hzrXdPrEaSUO1exwke2Gu9bKeLdVe6Dju4WyLefT1f4MM9kr7mbxfTRzEMvi2WHsZMvJ1aPrM9kNdOSEYpD4UFhV2ETsOJ-RH7hNz3aZ9uGPJN3TxfjeDO_uNcOYCPCET0aQ2ZM7MjweM99u7b3VF3qz6zhGkyk6vPFFtf4-KyP6r0GDXj6PUPYkjf8jW90xcQBb9jrHtcMkUoRZ0Apa47n5sgD-1PwvK_BJUK3Sd9f2USjFcxcKMO74PirCjZilzZsxKt_feVkI4oNi7oFyecXYOtK4PrVJcotcYlo4dqicuir2lZ93ddjf__JwRDSalEfhlc0twXe8daZMTHbWGLOGdFoR-DOI1vsglqagu6KLO4i6WaB38Iik3Ni47_wbDctJE_gMQDQcuHy73qKjQwNIBxT1dB5OSn24pwXGLCJ1d_4CVabcC1xR2FnpEVnuFfG1tZdbBQlJnzbAmYe0_yohoC2Nx2P3IN0yBH1f0yknBAi0vEqKdzL4HG8tirOKpJyC4PoBI2QBzf401GXDgIFj9PlWxv6biIcvm2tbnaZqk1xBs2mZdGobhYLh83wobiBqfYabIHymatqQIpCiZQIX_f_4r1ijACfiJ0gnAJYhnxAC2sD9YsrrcoSgAgLraCsk4Owbwinz0Bo8rc9Xfg-NEMo-KBx0rWE4vuRxMqhoZtfaZRNMQqEQWrjR2R4-ykiOqwO57dS_QJ8ZvAnClTvvn9&cid=CAQSTgAvHhf_7bNfcGWqOMlMcORGvNR2XwoPTkOFyesG_ksLOm1VbKns3AES3zEqYNixuOFNVvaZ4sSONOjFhI1mlwOw4wWJST9IqNn0xvoYORgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fmypaylogin.com%2F&ds=l&xdt=1&iif=1&cor=14846434998272092000&adk=1405019968&idt=39&cac=0&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 03:24:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
328776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 03:24:25 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame AE12
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt6...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKa...
53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
bb681e832636dc759f9e60f8ea6832511b5b1228292aedd6d3646267cc94e256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21276
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame FDD5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.52.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-52-35.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 6167e07425fe7eef3653a20f2ea366fa.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
2375625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
PW3fXu_jx9TPEn5_4f5d8w2DzA0jsVCentDtwcPk9E2N4Xbt_P9eAA==
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A0A8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
328776
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 03:24:25 GMT
expires
Sun, 19 Jan 2025 03:24:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FBB3 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83f5e2eb5da91d5378ef2f65a2af8276598c5cab1be510b2df042c534ac4b237

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7NIC,pingTime:-3,time:99,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:37%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:99,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B89~0%5D,as:%5B89~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,rmeas:1,rend:0,renddet:IMG.us,siq:38%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7NID,pingTime:-6,time:100,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,rmeas:1,rend:0,renddet:IMG.us,siq:38%7D&tpiLookup=ao:mypaylogin.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
anchor
www.google.com/recaptcha/api2/ Frame D754 		46 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_&co=aHR0cHM6Ly9teXBheWxvZ2luLmNvbTo0NDM.&hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&theme=light&size=normal&cb=iaym3bq96ic
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__zh_cn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
GSE /
Resource Hash
d7e0374365e92593122f2f64377976a8ff1efe732248583a96609680af52970f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E7ydmPLi_lr21M_-ohUGrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-E7ydmPLi_lr21M_-ohUGrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
fundingchoicesmessages.google.com/el/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2-zWAeYRWK2wMdGvp5md4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-2-zWAeYRWK2wMdGvp5md4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQJiIW6OjU0H17IJvLj32RcAyAMcGg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mypaylogin.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
fundingchoicesmessages.google.com/el/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fWQ-PQnafr_QOwXr81H3Mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-fWQ-PQnafr_QOwXr81H3Mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQJiIW6OjU0H17IJdCx65A8AyTAbfA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mypaylogin.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
fundingchoicesmessages.google.com/el/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qVysHelamor2ULHJPK3RQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-qVysHelamor2ULHJPK3RQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQJiIW6OjU0H17IJvPjwJAAAyGMcIQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mypaylogin.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXfSthu5CY80ajZ5y6cmvNKJuBF6n3TWTnGKkjAnlLRjlHPKDsy9q3T5rw37SryWc_5dgkEX2Aclisz_6IWnWojP7gXJ3GJIPq-pM8TW4Ai5d-_zAOqY0A_3MImaj_6HntN2Q_GVA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXfSthu5CY80ajZ5y6cmvNKJuBF6n3TWTnGKkjAnlLRjlHPKDsy9q3T5rw37SryWc_5dgkEX2Aclisz_6IWnWojP7gXJ3GJIPq-pM8TW4Ai5d-_zAOqY0A_3MImaj_6HntN2Q_GVA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MDQ5ODQxLDE0OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9teXBheWxvZ2luLmNvbS9wYXktc3R1YnMvbW9uZGVsZXotaW50ZXJuYXRpb25hbC1wYXktc3R1YnMtdzIvMjI3MC8iLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJ6aC1DTiJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzE4LCJbW1swXV1dIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
61ea08c9042d0f2825565788e9aa172bc11f544f8dd68408cdb20289aca43633
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vtoWeRWFqFsDH-76ZShNcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-vtoWeRWFqFsDH-76ZShNcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KshxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4GYiFujo1NB9eyCdxYPCcKAIM4XJA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7NJj,pingTime:-2,time:142,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:404,beZ:406,mfA:410,cmA:411,inA:412,inZ:416,prA:416,prZ:435,si:442,poA:443,poZ:472,cmZ:472,mfZ:472,loA:504,loZ:508,ltA:546,ltZ:546%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:37%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B133~0%5D,as:%5B133~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:38,sinceFw:102,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1E67 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
328776
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 03:24:25 GMT
expires
Sun, 19 Jan 2025 03:24:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=BwEBNMEGwZcTiNZW19fwPh6Gs2AcAAAAAOAHgBAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=378047477;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F;uht=2;fpan=1;fpa=P0-870260267-1706049840689;pbc=;ns=0;ce=1;qjs=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=378047477;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F;uht=2;fpan=1;fpa=P0-870260267-1706049840689;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=mypaylogin.com;dst=0;et=1706049841179;tzo=-480;ogl=locale.en_US%2Csite_name.MY%20PAY%20LOGIN%20%7C%20An%20Employee%20News%20Portal%2Ctype.article%2Ctitle.Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN%2Cdescription.Mondelez%20International%20uses%20the%20Ultipro%20system%20to%20distribute%20pay%20stubs%20and%20w2%20fo%2Curl.https%3A%2F%2Fmypaylogin%252Ecom%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F;ses=578af8d9-10af-486e-8098-0548d9208704;mdl=
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=365411009;labels=edge.1%2Csid.18969;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F;uht=2;fpan=1;fpa=P0-870260267-1706049...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=365411009;labels=edge.1%2Csid.18969;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F;uht=2;fpan=1;fpa=P0-870260267-1706049840689;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=mypaylogin.com;dst=0;et=1706049841180;tzo=-480;ogl=locale.en_US%2Csite_name.MY%20PAY%20LOGIN%20%7C%20An%20Employee%20News%20Portal%2Ctype.article%2Ctitle.Mondelez%20International%20Pay%20stubs%20%26%20W2%20%7C%20MY%20PAY%20LOGIN%2Cdescription.Mondelez%20International%20uses%20the%20Ultipro%20system%20to%20distribute%20pay%20stubs%20and%20w2%20fo%2Curl.https%3A%2F%2Fmypaylogin%252Ecom%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F;ses=578af8d9-10af-486e-8098-0548d9208704;mdl=
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame D754 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_&co=aHR0cHM6Ly9teXBheWxvZ2luLmNvbTo0NDM.&hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&theme=light&size=normal&cb=iaym3bq96ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 17:05:04 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame D754 		490 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_&co=aHR0cHM6Ly9teXBheWxvZ2luLmNvbTo0NDM.&hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&theme=light&size=normal&cb=iaym3bq96ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
e881bf089d326461acc37044e7090f49ffb6584af18a2343f6da6d95d7acde93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199721
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 17:06:52 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame A0A8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
53012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 08:00:29 GMT
4249
ads.everesttech.net/ads/mts/24651/ Frame AE12 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsub5z2V4sA8g8zG7ffzo8tnjYRp0qV7gwTRbcJjeQ_CSCsri8OGSuvj18XNgVtqcCjEt0gdpQZFCwYmY8UD91PJLfU5QkrDwSDmD-t7w8Qg_WxHti8kpY_mvSiTQc0gG4ik8bgOx6CLn50D1dFpIXyfcBoGkB1Ahp3L8QYTbI5Jdlf8vm473DTOrvp3ZRDQkDdr4uTjOzSPFPITRZneiNxr8ZZbfpQg2Tc3e1YaXzd_-kKS8Lko2j_4R14j3v5D_TK5dNPrkzbsgpG-hLDbx7mragUmrL8Vt06vLm2qIs6aSYnOekq7841zOGmW7On_2DPh9z9OqMXan0LOgR-Ngp6-0YqzHENv_NNY7kYZVChLFE9skATAlqzlRvC20gPCQq1pCcOcLfrDHtPT1bmteWMog0xHO7CowtthGpmVGEpwOIMtDU_1nv-JPcxWZsnkrOkRVA441AWZYBSMcdtZXVlnwgIZrqxQ6wkautTU-8TAR1J4iwb8iYIxV-YlYCByUf0oRF2w4ayLoC2o7BqH7DOkhxRGShfnpv96zBl69DzEUclJz0t_0I8dR282iw_BXcyJv3AssOcdfZaI9BQcSthZe_ykFYpDuobVAUQ37TmhmZE0XCXAvN7My9Wtlw5kbC_netLhnoe-QJqrgsDv5V7ITrC0t9PEukdvlG8gsHsjiKnq34-mmrNotlrN_jOtLvm-gyla85Ps3Ayq9ghe-bYU4jsvoi_9oIbmVAy0tPCa7vZVIUknW8_ckoFbcpzj4uIYS72gCiLSNp_fucfmDLp9NXVaIJHUybhSjcfqVTX8n7rVp9BlZVTcuKRswGxvhUs86dOXLzinRRGVm2ydd1MzeQQortnc445fyCdUB3dxlzPMI6WDZkwx8xuFz37kY81iSaPv2r4aWLb0aojAxcElc3kEguo_aKJN57MmP6nF0KvS-nKvBmWOz4kZ42T1xfinf0yC1cwN8ZJaHR2eTn_jLVfil-xgMDbH8xa0fLpOREQcxokUCfaBnaYGS1f93a6E_oUnhvvgwbIct3tpX1hKawMdhXAHuxxf11u9x1YATKP6yPKL5zc4MmOuUsoQw1-pUKYLStij0GJMCyIC8qktEun4f1QbDJx9ct2HF3ZWf0LJFFjRhPH5-Ez56KElwO157aEGh9S-n52sfjZVNpeyhgigEOUcfJvX8v-f3R4RI9-zOTL6oYHr52bMZDP2pf2ftk3Mi0ijiaV7fxrHBz74Er_Sqn4h1T0pf-0yiLySSXFhX5-XQDvNBSTQ4mrc8raO&sai=AMfl-YSWekufdMVevV7fTP4p3eMrLrQNeSIXugPMaq_LLjCa8HlEa-ju6cDAhVbocABHKgEPYzE2N982CboQZDzn4XPZtXh-pJx_3YFD3bTnhCu8dXKb_UWtbJU9S-fclsECqj9RIG6Y0mZzE2bibQH9dqw693CU4KKlxOCJ8UpSCsG0yIhGmPT08TA5DdlSQyIs1_EIEYiZfSWMyjXnTGQIuwpJaWifjYBGVbbjZhHq0D67cA28iz1ItGBlyMYMTaJNkmKTvDbVwvMO1s1ea7MGeW4lX6KDRZp1uXHUB3Q4D5FYYhSIk5g&sig=Cg0ArKJSzL6oumVcaI5OEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30056140&DFA_PlacementId=369677253&DFA_AdId=560290187&DFA_CreativeId=168629754&DFA_SiteId=6958819&TC_1=cmm9nzf93z2&TC_2=30056140&TC_3=369677253&TC_4=168629754&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560290187$dcmrenderingid|168311820$dcmsiteid|6958819$dcmplacementid|369677253$customer|Microsoft$dv360auctionid|ct=SG&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369677253
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7507174334378103&ias_chanId=1&ias_placementId=20262206047&bidurl=https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0inKlnRlpSirduXiMAPjLHd&adsafe_url=https%3A%2F%2Fmypaylogin.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmypaylogin.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7507174334378103%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D7&adsafe_type=be&adsafe_jsinfo=,id:82f3fddf-3880-7f88-5a5a-d6122346d5f0,c:2c7NHC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d966585d8-22fqq,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:38,oid:e6c690d1-ba40-11ee-a60c-a61eac8a832a,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.189.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-189-200.us-west-2.compute.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
7722baad4e4647f410651819b53ec66017cf77d84cf7bcf4eebdb157b5502c11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
server
AMO-jAds/1.1
p3p
NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
6656
expires
Tue Jan 23 22:44:02 UTC 2024
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame AE12 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7507174334378103&ias_chanId=1&ias_placementId=20262206047&bidurl=https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0inKlnRlpSirduXiMAPjLHd&adsafe_url=https%3A%2F%2Fmypaylogin.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmypaylogin.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7507174334378103%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D7&adsafe_type=be&adsafe_jsinfo=,id:82f3fddf-3880-7f88-5a5a-d6122346d5f0,c:2c7NHC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d966585d8-22fqq,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:38,oid:e6c690d1-ba40-11ee-a60c-a61eac8a832a,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 06:32:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
58281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-xss-protection
0
server
cafe
etag
11828260617052087593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 06:32:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame AE12 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7507174334378103&ias_chanId=1&ias_placementId=20262206047&bidurl=https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0inKlnRlpSirduXiMAPjLHd&adsafe_url=https%3A%2F%2Fmypaylogin.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmypaylogin.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7507174334378103%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D7&adsafe_type=be&adsafe_jsinfo=,id:82f3fddf-3880-7f88-5a5a-d6122346d5f0,c:2c7NHC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d966585d8-22fqq,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:38,oid:e6c690d1-ba40-11ee-a60c-a61eac8a832a,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 01:01:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
78126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 01:01:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AE12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlP3OOzE3XS8FAufgmm7MI_5rfdKRGIhRG0bCHlJp_C_unEKCsweTaEx0ljxNMhuZEj4TTVevPD0kDoyE2DSbmgYaSbR66Z0SZ_mspt1UtqxlQxjv31z3mB6smcP69wJkBIcUUNBe_6vhmE1q5CNW1XlVD0Ya2snFmzhOT&sai=AMfl-YQlBixi6c20JKKW9FeqGJp9XQmYFDD2J6oFzq5rEkOx0Yoj5lsVbBcdXiQ5oJlF5RbWpqliB45xJ1Kz5Uhf6XqgQYl5q9658_Rx3s8z-qNPWoWgo8kIemjkPZXmPw&sig=Cg0ArKJSzExn3o6_LEDVEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.23406&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7507174334378103&ias_chanId=1&ias_placementId=20262206047&bidurl=https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0inKlnRlpSirduXiMAPjLHd&adsafe_url=https%3A%2F%2Fmypaylogin.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmypaylogin.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7507174334378103%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D7&adsafe_type=be&adsafe_jsinfo=,id:82f3fddf-3880-7f88-5a5a-d6122346d5f0,c:2c7NHC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d966585d8-22fqq,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:38,oid:e6c690d1-ba40-11ee-a60c-a61eac8a832a,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
AGSKWxXMgZveUz9nFa3Hi557-pEgyO9CtTf2JBfLp0-T1iKA6kSL9vIppETKWfNeCuHIhgo9ojuq0xADGHSExmeKeWxUF8Cj2I5nyI0TRZ5dnrJKz33FA83-lLnkxmmV3-UeRxKoOl4-wg==
fundingchoicesmessages.google.com/el/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXMgZveUz9nFa3Hi557-pEgyO9CtTf2JBfLp0-T1iKA6kSL9vIppETKWfNeCuHIhgo9ojuq0xADGHSExmeKeWxUF8Cj2I5nyI0TRZ5dnrJKz33FA83-lLnkxmmV3-UeRxKoOl4-wg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IRx_eQAzqKttQpaAU8PQBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IRx_eQAzqKttQpaAU8PQBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQJiIW6OjU0H17IJrGjeWwcAxbcbeg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://mypaylogin.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
fundingchoicesmessages.google.com/el/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXHW9oiNvamU7JRjtbYJpLkIpdmb70-5bFt6UJgBLifiVb0s0ph11haAbEZMTRT3pQ59gJCVZ6N9CsQDYBaM-UoR7hXmEDzRv8hlZciagJvv4hNx38i-54cqj5Pjj-oZrYgNVtJ8w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hDa4Z3DBwG_ZRh3YblR23A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hDa4Z3DBwG_ZRh3YblR23A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmLw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQJiIW6OjU0H17IJvDjwpB4AyrQcKg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mypaylogin.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 1E67 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
53012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 08:00:29 GMT
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7NNg,time:387,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:387,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B377~0%5D,as:%5B377~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,rmeas:1,rend:0,renddet:IMG.us,siq:38,sis:222%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
img.fetch
udmserve.net/udm/ Frame 0628 		0
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=18969;tid=1;dt=7;p=1;rri=1706049840038_136608_182.55.133.166;mid=48183;zzz=%5B48183%2C1706049840%2C%22e8kLzkmZ%2FadKuUq7sYdFnw%22%5D;version=v2.23.3;cb=0.5244603980267866;qqq=26.784949001457104;session=1;style=slider;vis=visible;traffic_info=%7B%7D;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN46562 (PERFORMIVE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/x-javascript
Date
Tue, 23 Jan 2024 22:44:01 GMT
Expires
-1d
Connection
Keep-Alive
Content-Length
0
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
aa.js
q.adrta.com/s/udm/ Frame 0628 		890 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/udm/aa.js?cb=0.31007576
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.56.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-56-183.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e945bfc9ab13998bd966016c071dfdaf3f65151be0b521bc27de7795a9e28112

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 22:44:02 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 0628 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
759ce2a2ce00d61d23c78b075f72880dba5cec69876073fc1313ccfe536c7101

Request headers

Referer
https://mypaylogin.com/
Origin
https://mypaylogin.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
br
last-modified
Mon, 08 Jan 2024 22:48:38 GMT
x-azure-ref-originshield
08BKwZQAAAAAc7qYhBaL6SZNabN5kTdzhU0lOMjIxMDgwNzE3MDM3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
KZ85098409+xSFlkh0Pi2Q==
etag
0x8DC109BF43EA7FE
x-azure-ref
0MkGwZQAAAADMTNr4AdhdQIZGCRcHgdKvU0cyRURHRTI4MDcAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
015490cd-e01e-00b9-2723-4e6fe9000000
cache-control
private, max-age=3600, stale-while-revalidate=86400
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 0628 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Tue, 23 Jan 2024 22:44:01 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
5992621
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-qpg1269-QPG
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1706049842.540289,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 2237025
it
sin3-ib.adnxs.com/ Frame 0628 		0
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fmypaylogin.com%252Fpay-stubs%252Fmondelez-international-pay-stubs-w2%252F2270%252F&e=wqT_3QKoCPBAKAQAAAMA1gAFAQiwgsGtBhD2oYPlxuix7TMY3_zWmMXK5W4qNgkAAAAAoPWkPxEAAAAAWOmjPxkAAACAPQr3PyEREgApAQnooPWkPzEAAADA9SjMPzDM2ucNOMoMQLVeSOMDULqJirYBWJe0pAFgAGj1rMgBeNjTBYABAYoBA1VTRJIFBvCQmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCwQTgAtKmB-oCSmh0dHBzOi8vbXlwYXlsb2dpbi5jb20vcGF5LXN0dWJzL21vbmRlbGV6LWludGVybmF0aW9uYWwtcGF5LXN0dWJzLXcyLzIyNzAvgAMAiAMBkAMAmAMXoAMBqgObAwqxAmh0dAVgIHd3dy5iaW5nLgFeLGFwaS92MS9tZWRpYQFQ8EwvdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPThlNmMyMDhjLTZhNDMtNDc1NC1hYWU1LWNkMmRjOGFkZTgwOSZiaWRJZD0xNTAwMAEMVGRlcklkPTQmY21FeHBJZD1MVjMmb0EyXAAYcHVibGlzaAUpJDE2MjY0NTMzMCYBN5JxALhydHlwZT1udXJsJnRhZ0lkPTI4OTYyMTI0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8P1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzczNjUxNzkzNzU1MTQyOTg3OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFV3TnpVeU5qSTJPVEUxTVRJak1qTXpOamczTkRVeU5qUTRPRGM1TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTgyLjU1LjEzMy4xNjaoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBe3c7MrRzs-JOcAFAMkFAEHoFADwP9IFCWUXAQFw2AUB4AUB8AXu5Dj6BQQIABAAkAYAmAYAuAYAwQYBIQExJNAGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH2NMF0gcNFWUBJgjaBwYBXvByGADgBwDqBwIIAPAHv8XuAYoIRwpDAAABjTh-o4Az2sdEbKDQ9ii1dK0njaEtkJGa_OwboNtbEAa2mo9Eg8jmgF7dvzafLt7xgRcn4iTZuRM3pZlWvs-5oRABlQgAAIA_mAgBwAjBBNIICQj___8_EAAYAA..&s=49c6d1436ec38008f020950157442dbe1d6602da
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
an-x-request-uuid
6a28cd54-87f6-4710-850b-fcf2c396e2e5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
182.55.133.166; 182.55.133.166; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
edge-logo-white.png
bid.underdog.media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.underdog.media/edge-logo-white.png
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-64.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 03:21:41 GMT
via
1.1 c32320ec66084fc36ce5afbb4359a2c4.cloudfront.net (CloudFront)
last-modified
Tue, 17 Nov 2020 21:08:31 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
674541
etag
"876f68d4ff152e17573c3a8f3cc1a580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15804
x-amz-cf-id
xpV3nt78Yr4vRhsJmGSQNW3nmxuVavImwlKAkSlAZgc2lBxUEnUwNg==
v1
mb.moatads.com/ot/ Frame FBB3 		47 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/ot/v1?url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&pcode=moatot&ord=1706049840874&jv=42448341&callback=OneTagNadoscallback_30135193
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/zenithglobaloracledcm444268370365/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.9.186.67 Bungarribee, Australia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
dce78658e0fab3421f0a09b8073d945f2613c88e043fc2f05c46d400eb7e3dce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
server
istio-envoy
etag
"7d59a1dc3272e503f084e35e4e8d536b39ea875a"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
6
timing-allow-origin
*
content-length
47
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F406587087795472235&i=ZENITH_GLOBAL_ORACLE_DCM1&ol=2290092559&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fmypaylogin.com&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&cu=1706049840874&m=625&ar=805b0ce1b97-clean&iw=0eae4ac&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A1174%3A1174%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=123&cd=0&ah=123&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1106306%3A30854470%3A385871515%3A208358873&bo=6604461&bd=mypaylogin.com&gw=zenithglobaloracledcm444268370365&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&zMoatOTC=30854470&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jm=-1&mr=0&ml=-&tc=0&fs=207009&na=1171800841&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A0A8 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmwsNL0GwZf3zNK33z7sP_tqN4AsAAAAAOAHgBAI&bg=!fn2lfTLNAAa8BdJLnAU7ADQBe5WfOJDxmO3amFz2CNfmmL-EcPrgkWdHmRZ3d6IejT1LpCr-IRrzlLkGisPONsw88IoDAgAAAI9SAAAABGgBBwoASNwkVWLPnngoBCJPDqAIp2ZswJH9CY0UDYXpHE6Aq8I4roQMadP0iMtnyFFyDjrpouc3t8FjI7Vv1OqWAFUuuMgPVxmv05cGgpkC8Kvh11-P4yQO8oNp3E7YynLGX4dcPHD3cwJ342HW8kFPqkNMU58wyiNe0_6mQb-MooNARa_jKEUfCqPwjLJ1WP6zWANCDQDz7uIrtjxAp5t4MhSdSitqT0p605RSi318RzJbTBiVen08OTDXR_w-QPAt7ZI6Cjr6KyaBqibgLuyXBX3aZJ7IkuN9RunsV877of76yJFiD_xYFC8oHG6dBCwpaX1GIZrgT5HKKRBLWLe-YYbp6akubzorYmzVSQucLq2bMumPPb-ZXURlF66RxNpOCiAmQ2QwtIxgcnvUzL6l3W6tr_ilxXYMXe8MUWEqayV_Y_oZD0v49pr4K_Hgsa9KnEzf6udoUq4IICfAyT4IkUU0UgHbulKYqrYBN1Qooue7WHBG_y6MX_Q0b5etuXOfUQdArhtGtIoXJx3YxHkjuDm1nteXtZKHjwYxg39eBG7oJhoT7cOiUWpQQCSv0AsbR8TUychlVo1aHNITwM8-zVgZ4OyW6hheI1Cm62vqq7OE6XWeUoAemNMVu7OJRNLuwlAf85k-_iaJTihqYAtCX4pFViec6E3BjkGeXhCukVugpqIoydt_m9NrE6YfC1QHHNSGCG1SadVQcncR0MUYPbtCgKhOqaOAasuX_-p3Q6xy3u-FICvqJNBwqjEs2622UAfi4prEIWjXkvsiXoFeCeIOZiFk36c1tNfIGFdOEsZYX9oi0An0xtSQTqpt4QyQtBLf7CT64a9UgCxn_bzA_9Vs1Ac4KiwisQDxjKMuXNfGczFxMfmNlIINjos6SgtHcEp7zInOif2v0WQDyJVLVoZ-SNVwSplP6SnIMlFnQLn2Y4Cx0Cz9dieYwe5dgvdYo3OvHAflniPhGV-BCtJ3NpMe1PMnSNzR6F9UhvP-J0lprkrdfd8KAywGSGaUMFZHbEor8BJmkJPtkbTHB39FzSiesV4wL0J6NowZ-d8Gxi8U9cqWVjEhHnsRgcYAjki-iWBVI-AYIPaR79h2Qhhb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D754 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D754 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D754 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 13:13:57 GMT
x-content-type-options
nosniff
age
293404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 27 Jan 2024 13:13:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D754 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_&co=aHR0cHM6Ly9teXBheWxvZ2luLmNvbTo0NDM.&hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&theme=light&size=normal&cb=iaym3bq96ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 14:54:10 GMT
x-content-type-options
nosniff
age
114591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 14:54:10 GMT
KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js
www.google.com/js/bg/ Frame D754 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__zh_cn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
sffe /
Resource Hash
2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_&co=aHR0cHM6Ly9teXBheWxvZ2luLmNvbTo0NDM.&hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&theme=light&size=normal&cb=iaym3bq96ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 15:00:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
114229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6842
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 15:00:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E67 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwEBNMEGwZcTiNZW19fwPh6Gs2AcAAAAAOAHgBAI&bg=!f3ylfDPNAAa8BdJLnAU7ADQBe5WfONf2u3d_CcsnQwk19TzBiGgJC5J2xkl6IgvQZuJ73PVlyxUkXw3F67DlUUSv2iOEAgAAALRSAAAABWgBB5kC-C8tf37E1dIhV9Dmz77CGGVepALesmKYaT8peXzuySIvNv-jznNxkbEeUPcFtVSaLgQ3XNvFKgeeC__RHwlu569zMXF9_Rg-m1Seb2dsuo4T_8022Xmq-YtmQ0cjvs2Y5O58qHFtWBTtvQFFms7x1TcsHRFwRxl3F5yCLNTXWTz86hmv-WkSCLLqnRbj8HUxlHQa-prUs4-evwa9EbVpvhh6K5CPk9YbAtzUFdeuWMcZirbaVU25Lytcc9r8PwG22l4spHFr-4Hu3rOg09Erp9xKN-6Y-7eihg9TLZD-dJCA0QKW_ScZlWKZIPQQPeIGhez76j6gsBDA6p1KgBQXv25kt2Mxww-SS8PYnaVIKys6dgpQZiw-_nhOXhl2ehXDh1RYorDIpml9b4mVLrcbMmP7vxG3hxWUHRHIuV1jMfLZDMShUGGSbmamXnGtzY-TfEdD_DGdHHP7y41Ym5fbnBoKPJjFCx-ifcJd0D1koyKqikXQ6CyZmEK4P5tJ-9Lesca3IfVkN9A_0Xnh3IxEAJ0n0RGEDJavRTRXeHiFsiFPPf9yFVxqz6imYRsK6tflleWdeJU8kyOx0ZJ0Q-_KF6CPNTZKIR7K_pDO8XCN91quT4x0dQ7J3Rcg8Cy6txLk-DbJICiC5n85Z32zH0T-02UpFmfXXn7Pw2mW4cJ2TqynCn2gJJv0V0heYxm6j6KMT7XynSLkQ2zg1GoSSB6P5nawMCgkOSDbPtZBqLwUaJLD8fwAbCkZGMFUZ5Mhgzt5BF-VmSNqrWSNNfgxcDXxY1vbKOM6dgbUFBWtnjAdz_aSb92aed7ss4zLOFfCGX8w5EIB_WfrzzuJZ-daqGeDmD_HqNWEIhH6IdCoR2-tjP1fg9p64ts8Qkqp2dfpHoXX0hUW_VzktoTQQRiSHmHysWNPX5CwWS0Img5ZKa_ERdoeAbxachHdXcTI-C9NGZndAqGttxulSnu5iVomR3Reu7wHnALffrUtNHo8utpvKYxsgqrgq8WZVFU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ZENITH_GLOBAL_ORACLE_DCM1&ol=2290092559&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fmypaylogin.com&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&cu=1706049840874&m=754&ar=805b0ce1b97-clean&iw=0eae4ac&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1174%3A1174%3A0%3A0&aa=0&ad=69&cn=0&gk=69&gl=0&ik=69&ic=69&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=123&cd=123&ah=123&am=123&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1106306%3A30854470%3A385871515%3A208358873&bo=6604461&bd=mypaylogin.com&gw=zenithglobaloracledcm444268370365&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&zMoatOTC=30854470&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jm=-1&mr=0&ml=-&tc=0&fs=207009&na=1396558700&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7507174334378103&output=html&h=600&slotname=8170439994&adk=3223681453&adf=2495711232&pi=t.ma~as.8170439994&w=300&fwrn=4&fwrnh=100&lmt=1706049839&rafmt=1&format=300x600&url=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706049839413&bpp=23&bdt=2198&idt=382&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5266943474363&frm=20&pv=1&ga_vid=692948144.1706049838&ga_sid=1706049840&ga_hid=61049458&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1100&ady=396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532523%2C95321963%2C95320894%2C95321627%2C95322166&oid=2&pvsid=3086412098281208&tmod=909580906&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=437
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:01 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D754 		105 B
212 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_&co=aHR0cHM6Ly9teXBheWxvZ2luLmNvbTo0NDM.&hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&theme=light&size=normal&cb=iaym3bq96ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
GSE /
Resource Hash
ecee70821d659714460e00603cc4e03a4fa8521616c3b4d0b44f2cefc0ee94b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_&co=aHR0cHM6Ly9teXBheWxvZ2luLmNvbTo0NDM.&hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&theme=light&size=normal&cb=iaym3bq96ic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 23 Jan 2024 22:44:01 GMT
bframe
www.google.com/recaptcha/api2/ Frame 560E 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__zh_cn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
GSE /
Resource Hash
f9dcd9efbca6af4992031aef6d28bac96069392f7d39f51dcdaef199175b226b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uDrcQ8oxg_plKFjHr5GlIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uDrcQ8oxg_plKFjHr5GlIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
b1t-sindc1.zemanta.com/t/imp/impression/UVRIPLH5ATQHTU4WQK44GQW3YEYYPABKJ3SZVBRAL73IABGLAIIGULBND7BXQIRDVMZOW2V75AUSAKDWT7F4EJ5I6BAFZLM5OMMJNDV3WCVH5QVLQPPURNQ3VWDKDP2UAJ2NEGZBVZQEMBAIX56NNXVTSZ6HO... Frame 0C28 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sindc1.zemanta.com/t/imp/impression/UVRIPLH5ATQHTU4WQK44GQW3YEYYPABKJ3SZVBRAL73IABGLAIIGULBND7BXQIRDVMZOW2V75AUSAKDWT7F4EJ5I6BAFZLM5OMMJNDV3WCVH5QVLQPPURNQ3VWDKDP2UAJ2NEGZBVZQEMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3C6YSJL5JKHGGOD6F3VA4ZUEXT6BLZWPVCW56QGBJ2VDPPGMY3CH5OTGUBJQCOK6HGEVBJ37YLV5SAQQGQFXG3V2RCQVVU3PRTYIBAKUFBJVNITSSHFWZJS73FX5PDFW2JS57MANPJETR4EGDSYYUGPP7YP763CO2C36O6C2WNBWDSAXVMA6MW2KZ2GSZULQ/?
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:01 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
truncated
/ Frame 0C28 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bc98ed208d494602e9e7eedf935a63247a202252e64bd2dc285c5c149aabf3f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 560E 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 17:05:04 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 560E 		490 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Le_Y2MUAAAAAGauYH23IvfPxTDoGUkyHyjDpeq_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
e881bf089d326461acc37044e7090f49ffb6584af18a2343f6da6d95d7acde93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199721
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:28:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 17:06:52 GMT
/
b1t-sindc1.zemanta.com/t/imp/impression/UVRIPLH5ATQHS24RYKHXVTDGAMYYPABKJ3SZVBT4JYMKIQB5763ZO6RP7F6EAM5GSNLDNRRZM27ZD2ZMXIDSOGEHWHR5VBXAYEGTRF2S5H3FZG5TF3NJFC66LJ6QCSGUYF2F4GDW2MIT6BAIX56NNXVTSZ6HO... Frame 8271 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sindc1.zemanta.com/t/imp/impression/UVRIPLH5ATQHS24RYKHXVTDGAMYYPABKJ3SZVBT4JYMKIQB5763ZO6RP7F6EAM5GSNLDNRRZM27ZD2ZMXIDSOGEHWHR5VBXAYEGTRF2S5H3FZG5TF3NJFC66LJ6QCSGUYF2F4GDW2MIT6BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3C6YSJL5JKHGGOD6F3VA4ZUEXT6BLZWPVCW56QGBJ2VDPPGMY3CH5OTGUBJQCOK6HGEVBJ37YLV5SAQQGQFXG3V2RCQVVU3PRTYIBDGEBBWJDCHWM7VWZJS73FX5PDFW2JS57MANPJETR4EGDSYYUGPP7YP763CO2C36O6C2WNBWDSAXVMA6MW2KZ2GSZULQ/?
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:02 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
truncated
/ Frame 8271 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01e1c129dddfd14b2464a7a53b7f4e24766edc3f470823e9083c9cba71f17311

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 0C28 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8MY4L0GwZY_hNISFz7sP062FkAbXrJyCbsrq_Lz9EMCNtwEQASAAYL8FggEXY2EtcHViLTc1MDcxNzQzMzQzNzgxMDPIAQmoAwHIAwKqBPMBT9D8wAHppCO5kLDC61obGW9B4TReVaFsGLvDK7H7ls6tk4L2cknz_M2ItZTxPpX7ltMNHuFXBydcNjO68kUZ_gxUqALAwApIFJAsjuArZ-MfZJLa2nQ-oA2taEUwkld1_Dy6zjFQScDoFn2t6-RvuE_5MUqSIVRqKeGzpLiWdHwc7EFUMBsMA1coOuM_euaSinwND0gfUGkDsfwadnD5WottSgnKqJg153Cl6k7QKIRq50PBYKJg4XPN5QiNdWSWLDK841s5HHkr72WOfMmJb2y3j8MZvnYbKMy-YoJFNUPl8BxRbInZ7Ho3ymS4ZqIS0zEqgAa0vIPk8NHO0YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WP6SsvXK9IMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1MDcxNzQzMzQzNzgxMDMYAA&sigh=bo7sdtbT9qc&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_7bNfcGWqOMlMcORGvNR2XwoPTkOFyesG_ksLOm1VbKns3AES3zEqYNixuOFNVvaZ4sSONOjFhI1mlwOw4wWJST9IqNn0xvoYORgB&cbvp=2&vis=1
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 22:44:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/e6480085-ba40-11ee-9577-0992d8e2242b/ZbBBLwANMI8Bc8KEAAFW000ul0q0_bUo67eC2A/OLIOQPRYKQUYETXIX74J7JEOJ2262W63OUD7DYSENACZAD6DNAAN4PSWKWHKLXC2D3547D... Frame 0C28 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/e6480085-ba40-11ee-9577-0992d8e2242b/ZbBBLwANMI8Bc8KEAAFW000ul0q0_bUo67eC2A/OLIOQPRYKQUYETXIX74J7JEOJ2262W63OUD7DYSENACZAD6DNAAN4PSWKWHKLXC2D3547DJSAYFVIF5WZPEVNDJ63ZW5XW2YGWRLP7ITJHMTNWUE4OUUJRL5MINJYDEYCWB6B7MNOZ2WS6BEXGKFM3I6KFUTUJUGC7MKVF5VLDBHXH2BRS45WRMSVDPJYRWR6IYWRTGNW6Z4QBXSHRAXCJPEOVDTBBFGFGQGUFKOZCKKOJOXS5CRVYZPVPJ26FWRWZO2WMQJG3PGUTZM7ERCWNVAQG4S6GXJLKXDYN244NENUOVN6VL3X7SOLRH7XR3EK5OHWYGQKQ4FE5O575QE6PCOIFI3VJVKTMRXT357TPIZL6MT5CJ7T4JM3YAYIV3FWHAGBMN5D3ETOBQB3S4NIEIHQMJMGXMZUFXPXKYMZ6WX5GANFDP22CJKI34IR7ZLO5E2SAT5DISWRVZL3KXG7IIQ7RN2MIHXZ52BKI2PP3374EYZJOSWFJG5ROARUEPO2F7DN26U7WPKC4ZQL7VYMG3WMY27AWGZMJP4KUXBBDJ2JVJCG4PE2MCMJKA36XIKVDW5MV5BK2RHHZHE4GCBDMJZXCJ2NL35UD4DV6NXKQ3RN3455YJITPQPV3V4KRRMZLCBFMW4HORLTHJBSS7KXQCMRBZG3PXPATIOQSY2SUJS5VFV5WFQ26L2YYJKLS35GOBMGXCOUAG4E4TPXY5OTGFJE3XP43BDMOTCFWU7UDAKXG5EJRNLMP6EB7QN3EJHJ77WIBPO5X4KOR6TPI6RK44ES2MFTZKANEXWRCA/?amtw=&cbvp=2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 23 Jan 2024 22:44:02 GMT
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BA7 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoNCAEqCWxhbmRzY2FwZQoKCAIqBnNlcnZlcgouGiFkaXNwbGF5X2xlYWRfZm9ybV9xdWVzdGlvbl9udW1iZXIhAAAAAAAAGEAwAQoNECshAAAAAAAAOUAwARIaQ002MHN2WEs5SU1ERllUQ2N3RWQwMVlCWWciFmxlYWRnZW4vZnJvc21vdGhfaW1hZ2UoLA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8271 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cw9B0L0GwZZDhNISFz7sP062FkAbXrJyCbsrq_Lz9EMCNtwEQASAAYL8FggEXY2EtcHViLTc1MDcxNzQzMzQzNzgxMDPIAQmoAwHIAwKqBPMBT9DI5WOYQk4d16Yt3cvp6-BXlW_3eTQOJOApvrb_BK-6nlGsHQzdZMEG8FOKJ0Q6y9fnMlcxnYxAgArBeUhWD-P6i0iAXEuR5UqPYY9cbsIzHjA05sAg_JwlAZJ33Yo_sTEAjW_CdlTrw8Crm-WDKYjW5gl3bybszzvof3drDrmeYBm6DG0nLMccFelxLGNWs8QIOLVC8tDQiCJT8TVesVi2FUaR5v1PVzJfdDj5GZ-II6U5xdw_GK_OLjsPsQgPXFyE6xkn-mZi5edDhphsGxbXW0J-YQnt7e7IGDOi7nLSzfxwNc68vTc752zr9tEPF2WTgAa0vIPk8NHO0YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WP6SsvXK9IMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc1MDcxNzQzMzQzNzgxMDMYAA&sigh=FF1b8S_EykM&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_7bNfcGWqOMlMcORGvNR2XwoPTkOFyesG_ksLOm1VbKns3AES3zEqYNixuOFNVvaZ4sSONOjFhI1mlwOw4wWJST9IqNn0xvoYORgB&cbvp=2&vis=1
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 23 Jan 2024 22:44:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/e648f2a9-ba40-11ee-a20f-ba7992aff845/ZbBBLwANMJABc8KEAAFW0weyTyqgBVc6JLyebg/I5RDH5GBSBPLFEST32JWAAC3M6KX5YGGA2CCR5SENACZAD6DNAANZMXBVA27IQ4B7F57G7... Frame 8271 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/e648f2a9-ba40-11ee-a20f-ba7992aff845/ZbBBLwANMJABc8KEAAFW0weyTyqgBVc6JLyebg/I5RDH5GBSBPLFEST32JWAAC3M6KX5YGGA2CCR5SENACZAD6DNAANZMXBVA27IQ4B7F57G72DD7RT35SLIVS3CQDTDBW5XW2YGWRLP7ITJHMTNWUE4OUUJRL5MINJYDEYMWQZVFOQ6J6MNUMDQSEBA3D6WLB4YNJKCN3UUX4CNJTALZJG25M6Y3W6467YJLSBFVTFMQ2CL6TIC5R3Q7QRUVW4NPWDJ4VCPLE2MN5NAGN2XDFCUBNT43NHAJTXGW5RTKCPP3BC6X2KVPNRRVGRQ67HKZ76YONGIUHVENVDLGYCL5EYK3DPJ7IHIGUI4EBHI3FWATJZMN7CGKLVTFXKMIWNVLN4SQROTBXZV6ZT7TXHQEBED5PNS6Z2KOISTKJF3QU654Z7GZCIFSE2LSHQAVY4FFSBWEDVMC3MBHBPH6WH7CF4T7R2372QTRYJNRZPFEYQXTZV3PY2CCGXEZOKEKKHDNWQYZYPSRZJY2AGLZ3ADWYPCWWVCBKPJLOM2V3H2PTUAUYR2Z64E5Y2UAWYPKF3XEE6RAPNAMRIA5MCE6ZTI2JF6EKUOU6U5IF6F2CIVOBKIIJXOYK3A7ZJMPPU7YNLSCMC5Y577IQLJ7OTFRE3KDBLJRQ57P7WZHOHG2C5C3A6BKHQ7MR7JT5YJSUG2IW7AW4YELGTWAJ56HFQZMOXE4WJODOT76BBOPXY2SXGLQ7S5AWIGOERDAMYNXV7EKY3CSDMHTWPCCWUBEIUYK27ZYA3PSN3RCSBMKI6YFBQIAP2NY76RR6JXZYRW5IG4E226RKC4MWTR3PPBWQ/?amtw=&cbvp=2
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 23 Jan 2024 22:44:02 GMT
Content-Length
0
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 8B8C 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 02:02:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
247286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Jan 2025 02:02:36 GMT
r.js
q.adrta.com/s/udm/ Frame 0628 		107 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q.adrta.com/s/udm/r.js?v=23.000&rcb=845097&cb=0.31007576
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/udm/aa.js?cb=0.31007576
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.56.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-56-183.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e193a3f239e35e0da483171aaa5b12db5cd117073fa15ab8046db2a797c43b49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 22:44:02 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
c.gif
www.bing.com/aes/ Frame 0628
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe55ded0-e7e0-4e6b-9971-371ad14cad30&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=8e6c208c-6a43-4754...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=387b878c7bef4f9f83da8fc8a450593d&SNR=1&GV=2&med=10
0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=387b878c7bef4f9f83da8fc8a450593d&SNR=1&GV=2&med=10
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Server
23.32.29.106 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-29-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AC92276B17B417BB84303B29C546D7F Ref B: SIN30EDGE0517 Ref C: 2024-01-23T22:44:02Z
x-cdn-traceid
0.661d2017.1706049842.3641439f
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 23 Jan 2024 22:44:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EF7DCB1C136C42908ADC9CD418440D3A Ref B: SGEEDGE0414 Ref C: 2024-01-23T22:44:02Z
x-cdn-traceid
0.661d2017.1706049842.36414297
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=387b878c7bef4f9f83da8fc8a450593d&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame 0628 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.10239361667333_1FR2U9I5FZXFA73HI&pid=21.2&c=16&roil=0.0008&roit=0&roir=0.9975&roib=1&w=200&h=105&qlt=90
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.29.106 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-29-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e93687c23f1a36c2934f42f1397ecfc6c0632940ac7269fcf8590597d97288ea

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:02 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.661d2017.1706049842.36414296
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
7397
alt-svc
h3=":443"; ma=93600
rd_log
sin3-ib.adnxs.com/ Frame 0628 		0
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&e=wqT_3QKKBfBAigIAAAMA1gAFAQiwgsGtBhD2oYPlxuix7TMY3_zWmMXK5W4qNgkAAAAAoPWkPxEAAAAAWOmjPxkAAACAPQr3PyEREgApAQnooPWkPzEAAADA9SjMPzDM2ucNOMoMQLVeSOMDULqJirYBWJe0pAFgAGj1rMgBeNjTBYABAYoBA1VTRJIFBvDtmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAsEE4ALSpgfqAkpodHRwczovL215cGF5bG9naW4uY29tL3BheS1zdHVicy9tb25kZWxlei1pbnRlcm5hdGlvbmFsLXBheS1zdHVicy13Mi8yMjcwL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTgyLjU1LjEzMy4xNjaoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuiERVIgFAZgFAKAF7dzsytHOz4k5wAUAyQUhTBgAAPA_0gUJJXwBAXDYBQHgBQHwBe7kOPoFBAgAEACQBgCYBgC4BgDBBgEhATEk0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfY0wXSBw0VZQEmCNoHBgFe8G8YAOAHAOoHAggA8Ae_xe4BighHCkMAAAGNOH6jgDPax0RsoND2KLV0rSeNoS2QkZr87Bug21sQBraaj0SDyOaAXt2_Np8u3vGBFyfiJNm5EzelmVa-z7mhEAGVCAAAgD-YCAHACMEE0ggGCAAQABgA&s=4616b0bcdadd395741ca3497c5e88a885e0261bf&bdref=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F,https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
an-x-request-uuid
54df0fe3-96a3-4e35-8a50-30c9ee1d7b6f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
182.55.133.166; 182.55.133.166; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
sin3-ib.adnxs.com/ Frame 0628 		0
983 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&e=wqT_3QKoCPBAKAQAAAMA1gAFAQiwgsGtBhD2oYPlxuix7TMY3_zWmMXK5W4qNgkAAAAAoPWkPxEAAAAAWOmjPxkAAACAPQr3PyEREgApAQnooPWkPzEAAADA9SjMPzDM2ucNOMoMQLVeSOMDULqJirYBWJe0pAFgAGj1rMgBeNjTBYABAYoBA1VTRJIFBvCQmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCwQTgAtKmB-oCSmh0dHBzOi8vbXlwYXlsb2dpbi5jb20vcGF5LXN0dWJzL21vbmRlbGV6LWludGVybmF0aW9uYWwtcGF5LXN0dWJzLXcyLzIyNzAvgAMAiAMBkAMAmAMXoAMBqgObAwqxAmh0dAVgIHd3dy5iaW5nLgFeLGFwaS92MS9tZWRpYQFQ8EwvdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPThlNmMyMDhjLTZhNDMtNDc1NC1hYWU1LWNkMmRjOGFkZTgwOSZiaWRJZD0xNTAwMAEMVGRlcklkPTQmY21FeHBJZD1MVjMmb0EyXAAYcHVibGlzaAUpJDE2MjY0NTMzMCYBN5JxALhydHlwZT1udXJsJnRhZ0lkPTI4OTYyMTI0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8P1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzczNjUxNzkzNzU1MTQyOTg3OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFV3TnpVeU5qSTJPVEUxTVRJak1qTXpOamczTkRVeU5qUTRPRGM1TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTgyLjU1LjEzMy4xNjaoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBe3c7MrRzs-JOcAFAMkFAEHoFADwP9IFCWUXAQFw2AUB4AUB8AXu5Dj6BQQIABAAkAYAmAYAuAYAwQYBIQExJNAGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH2NMF0gcNFWUBJgjaBwYBXvByGADgBwDqBwIIAPAHv8XuAYoIRwpDAAABjTh-o4Az2sdEbKDQ9ii1dK0njaEtkJGa_OwboNtbEAa2mo9Eg8jmgF7dvzafLt7xgRcn4iTZuRM3pZlWvs-5oRABlQgAAIA_mAgBwAjBBNIICQj___8_EAAYAA..&s=49c6d1436ec38008f020950157442dbe1d6602da&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=182&bh=90&sid=7139843351470667495&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28962124&sw=1600&sh=1200&pw=1600&ph=4471&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
an-x-request-uuid
2245fcd1-7954-40f2-95ed-7e2435bd4ae8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mypaylogin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
182.55.133.166; 182.55.133.166; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7O2X,pingTime:-10,time:1360,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706049842374%7C%7C87bc61540dcd019801898729f60bfc07%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C6227715c30bdbdd033af7539548a09bb%7C%7C7b5f52ac6729d3c0c0dcc4d5d8076748%7C%7C15f2c1721ab4d7eb1c76ba28dc462b4a%7C%7C8950c1ce2d2b551586d3be2f56f0f7dd%7C%7Cfb078797bfabb13f51996f9b8ed27d8b%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
4249
ads.everesttech.net/ads/mts/24651/ Frame AE12 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsub5z2V4sA8g8zG7ffzo8tnjYRp0qV7gwTRbcJjeQ_CSCsri8OGSuvj18XNgVtqcCjEt0gdpQZFCwYmY8UD91PJLfU5QkrDwSDmD-t7w8Qg_WxHti8kpY_mvSiTQc0gG4ik8bgOx6CLn50D1dFpIXyfcBoGkB1Ahp3L8QYTbI5Jdlf8vm473DTOrvp3ZRDQkDdr4uTjOzSPFPITRZneiNxr8ZZbfpQg2Tc3e1YaXzd_-kKS8Lko2j_4R14j3v5D_TK5dNPrkzbsgpG-hLDbx7mragUmrL8Vt06vLm2qIs6aSYnOekq7841zOGmW7On_2DPh9z9OqMXan0LOgR-Ngp6-0YqzHENv_NNY7kYZVChLFE9skATAlqzlRvC20gPCQq1pCcOcLfrDHtPT1bmteWMog0xHO7CowtthGpmVGEpwOIMtDU_1nv-JPcxWZsnkrOkRVA441AWZYBSMcdtZXVlnwgIZrqxQ6wkautTU-8TAR1J4iwb8iYIxV-YlYCByUf0oRF2w4ayLoC2o7BqH7DOkhxRGShfnpv96zBl69DzEUclJz0t_0I8dR282iw_BXcyJv3AssOcdfZaI9BQcSthZe_ykFYpDuobVAUQ37TmhmZE0XCXAvN7My9Wtlw5kbC_netLhnoe-QJqrgsDv5V7ITrC0t9PEukdvlG8gsHsjiKnq34-mmrNotlrN_jOtLvm-gyla85Ps3Ayq9ghe-bYU4jsvoi_9oIbmVAy0tPCa7vZVIUknW8_ckoFbcpzj4uIYS72gCiLSNp_fucfmDLp9NXVaIJHUybhSjcfqVTX8n7rVp9BlZVTcuKRswGxvhUs86dOXLzinRRGVm2ydd1MzeQQortnc445fyCdUB3dxlzPMI6WDZkwx8xuFz37kY81iSaPv2r4aWLb0aojAxcElc3kEguo_aKJN57MmP6nF0KvS-nKvBmWOz4kZ42T1xfinf0yC1cwN8ZJaHR2eTn_jLVfil-xgMDbH8xa0fLpOREQcxokUCfaBnaYGS1f93a6E_oUnhvvgwbIct3tpX1hKawMdhXAHuxxf11u9x1YATKP6yPKL5zc4MmOuUsoQw1-pUKYLStij0GJMCyIC8qktEun4f1QbDJx9ct2HF3ZWf0LJFFjRhPH5-Ez56KElwO157aEGh9S-n52sfjZVNpeyhgigEOUcfJvX8v-f3R4RI9-zOTL6oYHr52bMZDP2pf2ftk3Mi0ijiaV7fxrHBz74Er_Sqn4h1T0pf-0yiLySSXFhX5-XQDvNBSTQ4mrc8raO%26sai%3DAMfl-YSWekufdMVevV7fTP4p3eMrLrQNeSIXugPMaq_LLjCa8HlEa-ju6cDAhVbocABHKgEPYzE2N982CboQZDzn4XPZtXh-pJx_3YFD3bTnhCu8dXKb_UWtbJU9S-fclsECqj9RIG6Y0mZzE2bibQH9dqw693CU4KKlxOCJ8UpSCsG0yIhGmPT08TA5DdlSQyIs1_EIEYiZfSWMyjXnTGQIuwpJaWifjYBGVbbjZhHq0D67cA28iz1ItGBlyMYMTaJNkmKTvDbVwvMO1s1ea7MGeW4lX6KDRZp1uXHUB3Q4D5FYYhSIk5g%26sig%3DCg0ArKJSzL6oumVcaI5OEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30056140&DFA_PlacementId=369677253&DFA_AdId=560290187&DFA_CreativeId=168629754&DFA_SiteId=6958819&TC_1=cmm9nzf93z2&TC_2=30056140&TC_3=369677253&TC_4=168629754&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560290187$dcmrenderingid|168311820$dcmsiteid|6958819$dcmplacementid|369677253$customer|Microsoft$dv360auctionid|ct=SG&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369677253&edge=y&html5=y&nr=0.8248994361391202
Requested by
Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsub5z2V4sA8g8zG7ffzo8tnjYRp0qV7gwTRbcJjeQ_CSCsri8OGSuvj18XNgVtqcCjEt0gdpQZFCwYmY8UD91PJLfU5QkrDwSDmD-t7w8Qg_WxHti8kpY_mvSiTQc0gG4ik8bgOx6CLn50D1dFpIXyfcBoGkB1Ahp3L8QYTbI5Jdlf8vm473DTOrvp3ZRDQkDdr4uTjOzSPFPITRZneiNxr8ZZbfpQg2Tc3e1YaXzd_-kKS8Lko2j_4R14j3v5D_TK5dNPrkzbsgpG-hLDbx7mragUmrL8Vt06vLm2qIs6aSYnOekq7841zOGmW7On_2DPh9z9OqMXan0LOgR-Ngp6-0YqzHENv_NNY7kYZVChLFE9skATAlqzlRvC20gPCQq1pCcOcLfrDHtPT1bmteWMog0xHO7CowtthGpmVGEpwOIMtDU_1nv-JPcxWZsnkrOkRVA441AWZYBSMcdtZXVlnwgIZrqxQ6wkautTU-8TAR1J4iwb8iYIxV-YlYCByUf0oRF2w4ayLoC2o7BqH7DOkhxRGShfnpv96zBl69DzEUclJz0t_0I8dR282iw_BXcyJv3AssOcdfZaI9BQcSthZe_ykFYpDuobVAUQ37TmhmZE0XCXAvN7My9Wtlw5kbC_netLhnoe-QJqrgsDv5V7ITrC0t9PEukdvlG8gsHsjiKnq34-mmrNotlrN_jOtLvm-gyla85Ps3Ayq9ghe-bYU4jsvoi_9oIbmVAy0tPCa7vZVIUknW8_ckoFbcpzj4uIYS72gCiLSNp_fucfmDLp9NXVaIJHUybhSjcfqVTX8n7rVp9BlZVTcuKRswGxvhUs86dOXLzinRRGVm2ydd1MzeQQortnc445fyCdUB3dxlzPMI6WDZkwx8xuFz37kY81iSaPv2r4aWLb0aojAxcElc3kEguo_aKJN57MmP6nF0KvS-nKvBmWOz4kZ42T1xfinf0yC1cwN8ZJaHR2eTn_jLVfil-xgMDbH8xa0fLpOREQcxokUCfaBnaYGS1f93a6E_oUnhvvgwbIct3tpX1hKawMdhXAHuxxf11u9x1YATKP6yPKL5zc4MmOuUsoQw1-pUKYLStij0GJMCyIC8qktEun4f1QbDJx9ct2HF3ZWf0LJFFjRhPH5-Ez56KElwO157aEGh9S-n52sfjZVNpeyhgigEOUcfJvX8v-f3R4RI9-zOTL6oYHr52bMZDP2pf2ftk3Mi0ijiaV7fxrHBz74Er_Sqn4h1T0pf-0yiLySSXFhX5-XQDvNBSTQ4mrc8raO&sai=AMfl-YSWekufdMVevV7fTP4p3eMrLrQNeSIXugPMaq_LLjCa8HlEa-ju6cDAhVbocABHKgEPYzE2N982CboQZDzn4XPZtXh-pJx_3YFD3bTnhCu8dXKb_UWtbJU9S-fclsECqj9RIG6Y0mZzE2bibQH9dqw693CU4KKlxOCJ8UpSCsG0yIhGmPT08TA5DdlSQyIs1_EIEYiZfSWMyjXnTGQIuwpJaWifjYBGVbbjZhHq0D67cA28iz1ItGBlyMYMTaJNkmKTvDbVwvMO1s1ea7MGeW4lX6KDRZp1uXHUB3Q4D5FYYhSIk5g&sig=Cg0ArKJSzL6oumVcaI5OEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30056140&DFA_PlacementId=369677253&DFA_AdId=560290187&DFA_CreativeId=168629754&DFA_SiteId=6958819&TC_1=cmm9nzf93z2&TC_2=30056140&TC_3=369677253&TC_4=168629754&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560290187$dcmrenderingid|168311820$dcmsiteid|6958819$dcmplacementid|369677253$customer|Microsoft$dv360auctionid|ct=SG&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369677253
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.189.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-189-200.us-west-2.compute.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
7e94a2942a196d41f4c6e562b10101ef7a1d4d8eed39e93b37fa4d1a2221cfa8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/javascript;charset=utf-8
pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server
AMO-jAds/1.1
expires
Tue Jan 23 22:44:02 UTC 2024
cdnf.js
pix.adrta.com/ Frame 0628 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pix.adrta.com/cdnf.js?v=23.000
Requested by
Host: q.adrta.com
URL: https://q.adrta.com/s/udm/aa.js?cb=0.31007576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-21.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
o8Dqn2fSaANd7t63xhmbtoZe_cmSJAMf
content-encoding
gzip
via
1.1 941acf135bdda975383e37976690acc6.cloudfront.net (CloudFront)
date
Tue, 23 Jan 2024 04:21:59 GMT
last-modified
Sat, 28 Oct 2023 05:29:11 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P2
age
66125
x-amz-server-side-encryption
AES256
etag
W/"82b6743c32bc1214117ff9c6593e4ac5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
K_GHXG9PS-Tv-7EbrGoSb0JPAvjJw1bWcV4eveBGxgCa9GyyWGXK2Q==
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ZENITH_GLOBAL_ORACLE_DCM1&ol=2290092559&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fmypaylogin.com&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&cu=1706049840874&m=1804&ar=805b0ce1b97-clean&iw=0eae4ac&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1174%3A1174%3A2222%3A2221&aa=1&ad=1121&cn=69&gn=1&gk=1121&gl=69&ik=1121&ic=1121&ez=1&co=1121&cp=1111&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1111&cd=260&ah=1111&am=260&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1106306%3A30854470%3A385871515%3A208358873&bo=6604461&bd=mypaylogin.com&gw=zenithglobaloracledcm444268370365&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&zMoatOTC=30854470&zMoatOT=1&zMoatOTR=1&zMoatOTG=1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jm=-1&mr=2&ml=30854470&tc=0&fs=207009&na=553981478&cs=0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:02 GMT
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ZENITH_GLOBAL_ORACLE_DCM1&ol=2290092559&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fmypaylogin.com&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&cu=1706049840874&m=1805&ar=805b0ce1b97-clean&iw=0eae4ac&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1174%3A1174%3A2222%3A2221&aa=1&ad=1121&cn=1121&gn=1&gk=1121&gl=1121&ik=1121&ic=1121&ez=1&co=1121&cp=1111&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1111&cd=1111&ah=1111&am=1111&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1106306%3A30854470%3A385871515%3A208358873&bo=6604461&bd=mypaylogin.com&gw=zenithglobaloracledcm444268370365&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&zMoatOTC=30854470&zMoatOT=1&zMoatOTR=1&zMoatOTG=1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jm=-1&mr=2&ml=30854470&tc=0&fs=207009&na=598075452&cs=0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:02 GMT
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ZENITH_GLOBAL_ORACLE_DCM1&ol=2290092559&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fmypaylogin.com&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&cu=1706049840874&m=1806&ar=805b0ce1b97-clean&iw=0eae4ac&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1174%3A1174%3A2222%3A2221&aa=1&ad=1121&cn=1121&gn=1&gk=1121&gl=1121&ik=1121&ic=1121&ez=1&co=1121&cp=1111&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1111&cd=1111&ah=1111&am=1111&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1106306%3A30854470%3A385871515%3A208358873&bo=6604461&bd=mypaylogin.com&gw=zenithglobaloracledcm444268370365&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&zMoatOTC=30854470&zMoatOT=1&zMoatOTR=1&zMoatOTG=1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jm=-1&mr=2&ml=30854470&tc=0&fs=207009&na=2132370405&cs=0
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:02 GMT
html5-ad-script_v4.html
dco-assets.everestads.net/ics-campaign/static/dco/ Frame FBB8 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbBBMgAAKKt2amCi
Requested by
Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsub5z2V4sA8g8zG7ffzo8tnjYRp0qV7gwTRbcJjeQ_CSCsri8OGSuvj18XNgVtqcCjEt0gdpQZFCwYmY8UD91PJLfU5QkrDwSDmD-t7w8Qg_WxHti8kpY_mvSiTQc0gG4ik8bgOx6CLn50D1dFpIXyfcBoGkB1Ahp3L8QYTbI5Jdlf8vm473DTOrvp3ZRDQkDdr4uTjOzSPFPITRZneiNxr8ZZbfpQg2Tc3e1YaXzd_-kKS8Lko2j_4R14j3v5D_TK5dNPrkzbsgpG-hLDbx7mragUmrL8Vt06vLm2qIs6aSYnOekq7841zOGmW7On_2DPh9z9OqMXan0LOgR-Ngp6-0YqzHENv_NNY7kYZVChLFE9skATAlqzlRvC20gPCQq1pCcOcLfrDHtPT1bmteWMog0xHO7CowtthGpmVGEpwOIMtDU_1nv-JPcxWZsnkrOkRVA441AWZYBSMcdtZXVlnwgIZrqxQ6wkautTU-8TAR1J4iwb8iYIxV-YlYCByUf0oRF2w4ayLoC2o7BqH7DOkhxRGShfnpv96zBl69DzEUclJz0t_0I8dR282iw_BXcyJv3AssOcdfZaI9BQcSthZe_ykFYpDuobVAUQ37TmhmZE0XCXAvN7My9Wtlw5kbC_netLhnoe-QJqrgsDv5V7ITrC0t9PEukdvlG8gsHsjiKnq34-mmrNotlrN_jOtLvm-gyla85Ps3Ayq9ghe-bYU4jsvoi_9oIbmVAy0tPCa7vZVIUknW8_ckoFbcpzj4uIYS72gCiLSNp_fucfmDLp9NXVaIJHUybhSjcfqVTX8n7rVp9BlZVTcuKRswGxvhUs86dOXLzinRRGVm2ydd1MzeQQortnc445fyCdUB3dxlzPMI6WDZkwx8xuFz37kY81iSaPv2r4aWLb0aojAxcElc3kEguo_aKJN57MmP6nF0KvS-nKvBmWOz4kZ42T1xfinf0yC1cwN8ZJaHR2eTn_jLVfil-xgMDbH8xa0fLpOREQcxokUCfaBnaYGS1f93a6E_oUnhvvgwbIct3tpX1hKawMdhXAHuxxf11u9x1YATKP6yPKL5zc4MmOuUsoQw1-pUKYLStij0GJMCyIC8qktEun4f1QbDJx9ct2HF3ZWf0LJFFjRhPH5-Ez56KElwO157aEGh9S-n52sfjZVNpeyhgigEOUcfJvX8v-f3R4RI9-zOTL6oYHr52bMZDP2pf2ftk3Mi0ijiaV7fxrHBz74Er_Sqn4h1T0pf-0yiLySSXFhX5-XQDvNBSTQ4mrc8raO%26sai%3DAMfl-YSWekufdMVevV7fTP4p3eMrLrQNeSIXugPMaq_LLjCa8HlEa-ju6cDAhVbocABHKgEPYzE2N982CboQZDzn4XPZtXh-pJx_3YFD3bTnhCu8dXKb_UWtbJU9S-fclsECqj9RIG6Y0mZzE2bibQH9dqw693CU4KKlxOCJ8UpSCsG0yIhGmPT08TA5DdlSQyIs1_EIEYiZfSWMyjXnTGQIuwpJaWifjYBGVbbjZhHq0D67cA28iz1ItGBlyMYMTaJNkmKTvDbVwvMO1s1ea7MGeW4lX6KDRZp1uXHUB3Q4D5FYYhSIk5g%26sig%3DCg0ArKJSzL6oumVcaI5OEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30056140&DFA_PlacementId=369677253&DFA_AdId=560290187&DFA_CreativeId=168629754&DFA_SiteId=6958819&TC_1=cmm9nzf93z2&TC_2=30056140&TC_3=369677253&TC_4=168629754&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560290187$dcmrenderingid|168311820$dcmsiteid|6958819$dcmplacementid|369677253$customer|Microsoft$dv360auctionid|ct=SG&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369677253&edge=y&html5=y&nr=0.8248994361391202
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3934
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 22:44:02 GMT
ETag
"1b5be864a-3fce-60eab39e88480"
Expires
Tue, 23 Jan 2024 23:44:02 GMT
Last-Modified
Thu, 11 Jan 2024 13:07:14 GMT
Server
Apache
Vary
Accept-Encoding
X-Permitted-Cross-Domain-Policies
all
truncated
/ Frame AE12 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
648b8cc70a9b4cfb42be64502746cd4020ccb63a1d664972dd9bb5ab9620923e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame FBB3 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU_LNv9D-VFxWI2fN-EN5oUrR0QLPAy8CCT79Winhrl3D-PGE9gVwFhdI2m6UJHU2mVwYX6aQCD52W5N1zKIe7hVwB8bGlGBIXh1OE2f8XlCgXfNBk_TLOFbd-xbNPkjIkG4RbaXRrrQTtw_MTAUuxnVL5&sai=AMfl-YQcfX4qnRTT3VYuBmy8hvgz18eEQhc6cNOrQtNGmsFyFhuPhpUTznj9EBjrmK3nVCIllrB-JZnUvpFN66keMICOqEn8SZiil1QlNr3hyBI1y6BwNdJpupF73Gv4e4kh8Whj-qzx30yis5mM-U1y&sig=Cg0ArKJSzDBczY8HMpMyEAE&cid=CAQSTgAvHhf_bqegVWGxhj3ZYhRqmTvf99bSdJemVIbzy7wtV-IMRLn40mh1XkD1jRXWzxvztTQ9uamf-VDizFYQJCHTViWC6AQQppwRTpRVsRgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3223681453&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706049839851&rpt=2119&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mraid.js
dco-assets.everestads.net/ics-campaign/static/dco/ Frame FBB8 		0
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbBBMgAAKKt2amCi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbBBMgAAKKt2amCi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:03 GMT
Last-Modified
Thu, 11 Jan 2024 13:07:14 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1b5be864b-0-60eab39e88480"
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Tue, 23 Jan 2024 23:44:03 GMT
/
b1t-sindc1.zemanta.com/t/imp/view/UVRIPLH5ATQHTU4WQK44GQW3YEYYPABKJ3SZVBRAL73IABGLAIIGULBND7BXQIRDVMZOW2V75AUSAKDWT7F4EJ5I6BAFZLM5OMMJNDV3WCVH5QVLQPPURNQ3VWDKDP2UAJ2NEGZBVZQEMBAIX56NNXVTSZ6HOVWAHYF... Frame 0C28 		26 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1t-sindc1.zemanta.com/t/imp/view/UVRIPLH5ATQHTU4WQK44GQW3YEYYPABKJ3SZVBRAL73IABGLAIIGULBND7BXQIRDVMZOW2V75AUSAKDWT7F4EJ5I6BAFZLM5OMMJNDV3WCVH5QVLQPPURNQ3VWDKDP2UAJ2NEGZBVZQEMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3C6YSJL5JKHGGOD6F3VA4ZUEXT6BLZWPVCW56QGBJ2VDPPGMY3CH5OTGUBJQCOK6HGEVBJ37YLV5SAQQGQFXG3V2RCQVVU3PRTYIBAKUFBJVNITSSHFWZJS73FX5PDFW2JS57MANPJETR4EGDSYYUGPP7YP763CO2C36O6C2WNBWDSAXVMA6MW2KZ2GSZULQ/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Date
Tue, 23 Jan 2024 22:44:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
b1t-sindc1.zemanta.com/t/imp/view/UVRIPLH5ATQHTU4WQK44GQW3YEYYPABKJ3SZVBRAL73IABGLAIIGULBND7BXQIRDVMZOW2V75AUSAKDWT7F4EJ5I6BAFZLM5OMMJNDV3WCVH5QVLQPPURNQ3VWDKDP2UAJ2NEGZBVZQEMBAIX56NNXVTSZ6HOVWAHYF... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-sindc1.zemanta.com/t/imp/view/UVRIPLH5ATQHTU4WQK44GQW3YEYYPABKJ3SZVBRAL73IABGLAIIGULBND7BXQIRDVMZOW2V75AUSAKDWT7F4EJ5I6BAFZLM5OMMJNDV3WCVH5QVLQPPURNQ3VWDKDP2UAJ2NEGZBVZQEMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3C6YSJL5JKHGGOD6F3VA4ZUEXT6BLZWPVCW56QGBJ2VDPPGMY3CH5OTGUBJQCOK6HGEVBJ37YLV5SAQQGQFXG3V2RCQVVU3PRTYIBAKUFBJVNITSSHFWZJS73FX5PDFW2JS57MANPJETR4EGDSYYUGPP7YP763CO2C36O6C2WNBWDSAXVMA6MW2KZ2GSZULQ/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD, GET, OPTIONS
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
600
Connection
keep-alive
Date
Tue, 23 Jan 2024 22:44:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AE12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlP3OOzE3XS8FAufgmm7MI_5rfdKRGIhRG0bCHlJp_C_unEKCsweTaEx0ljxNMhuZEj4TTVevPD0kDoyE2DSbmgYaSbR66Z0SZ_mspt1UtqxlQxjv31z3mB6smcP69wJkBIcUUNBe_6vhmE1q5CNW1XlVD0Ya2snFmzhOT&sai=AMfl-YQlBixi6c20JKKW9FeqGJp9XQmYFDD2J6oFzq5rEkOx0Yoj5lsVbBcdXiQ5oJlF5RbWpqliB45xJ1Kz5Uhf6XqgQYl5q9658_Rx3s8z-qNPWoWgo8kIemjkPZXmPw&sig=Cg0ArKJSzExn3o6_LEDVEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1830&vt=11&dtpt=1829&dett=4&cstd=0&cisv=r20240122.23406&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-DINmsOIenNhkYWzAisaS6JBN5fDKhdgn--H5PlwuVUm3FN6Qiezt62R-U-MFku9BbYAiecJ_WtfNYKaUwJ7a_wTuP3PShAQ1f6dbhiMPWt6etVsT9PazS2K1vgRyzj5pEN7bBOdkhkIgcdhODp4H8N_iRr4FVLMx7xBucjHpM7O4uq9BDlpNpwR0xjW2NZA1QhNsdUEtkUAKAmf-C5owXEby98h4FCaV4jcwzktgEQA9XuZS8sUz_RpV8oE2CVGh0OImziD-bR5bd16_fa-n85YTn_A4dW4j-frd2lggpWGEXTm9vBAcgW5DbwTfs5XBto-n6UCMhDE-jQjNJ-6zw_leyEDRP9Brnnu_jci6hiCrm8gnMI8mpollK1PzoqCCDgHpara1yTra0UzF6Lzp9yiOqW4WQio8jYcd3QNeJmZ741dL8lHg0JpByKu_D8c6WksSzU3Fog0lRdMcUgODuK1nlAatjJuI1DeElDCKQEjc65nrwjE7HigowAvkc2x6vkd-f2Arqwdv6k6_XyuFHhL9vr-eWL-amjH8TpiH3flQrbR5QxLWwjNZ9qT79L82qTpIkA2i9A3hQfNQRdGaCcI8A_pQFqaZWFMsXXA8Uy2WoX1QMVLRuyqT0nVpp2vz1qg6o0ItebSAnK2vMZeoYD8tyzgwOdYA9n1D7C1JE0X9X6fQE_nn03mMsi82oTx-utO4JYCaFThB8uSjh_ta4Rple1NC-xxWozb9nWmmWreWKntU1l8egw7LfYZZidqqyCmgjXjRbwHgDsEeDqAhNPUg8Ny6aTf95pBeD8eztgu1rOieNIuFNwRCYw7Ql03xvVXNwoTj5cdLKYUlBOlJ92HMYPK9LIRt4_34xNHGwvNFs0peJ10i7a11JdjZOUSqOGyy7XLs1NyIBlZhRHnz4V64QHgWlZ10o4N7_4OOx-cjkWDFUJ3K92TtEemec9EC6V8FLCcJLeiQU7op0C5v-0kiN0i6EmF0IjFOMFj6Kj3xGqKtv4uxzdMNEXNMziT8h0m9sx_Y8zHG8dmFTiioHHv_O5ii_ijy2DiOeFaGjP77ZC6pIt19Nfb6aWrFcFaZVE067rl5HNC5mwkR2Ih6j5tOgoc8Dv4801rrMj5eZjsU1C1kBMzUepic-EQ4IIUmFvn2kfidvWD88RCRqRyyYPQg7vSzdqhV-ovH85V2g4KJkkFwSJdcPhBlQy3S30wnCeR-kwNrETWdk7DimIEp4Z2B6XUE0Cafp6ESskPM4nxnkqDBB3KmuCipshBHb9VVf4t5Jh_N9mokLd-MbHBHtDyZKAASjejIcG61yXENdwptInvH-vGE8XAEO-eRtJS3rLvICUo7szqK3FjYPEZ-Wabx5s5FEtrdMz92MHCqLiMJX0hdg_EsnXP_BzonsfdWkG7NUYFmDMj4kD_4DtR5zxaK4DTRsln7R3E_LcaCODU6uToroEMSpeoYhPY4JLYkyut05iLFds-Eoe1BWhBsipBpS8ttYkjmTHEyFOytVkGU_M3guXNCuP2d7J441AcydMo-Ya7r-6xgHKbIlFCxfUB3ZKjRgHvIvyQul31F2lHj4bCp75DYgg1zRhyFAwxLZMi66vO9IeH5kWAiVqJR16ItoQItIYWNMWU2_zO7M0ahnoAaOYxn8LTakOASC_onlArQbYj2Del8djaMNamrHWZIT4x2RojquuxBarJQIn1_idLbHSo9v_hC1ek_cJ3qL7krL7mgsyOLd6uwbiQuTiTr2-JLHlW7FIZgmzsXlHoyB3Ahw3wvMnNOBbDCvxBVUCl3lmcBuDLN1jXj89X1Gv0ywA8uKI-dHGs2tWbOhDpMCZnCOkHJqku4dGTg-9a1CE3WEoYLxCeCDZcFueBOlvKaVwwz-4O67sJetiev-LV4DaL0EEtGwRA0t2CduvX6Yl1BpTnGwEAFcxPEobeSqehTHFSbQsleWhUD063Oj_PuqUpcsI9ealAaGAyZbbnJml2A1veAZRXmCNYvrzfVuCb9q_7kCMPM613ceLnJw67b_HOd-wqJzTDrxrmRd1Vk4wR2fzwpH6OvX344kT0YeEZP8FD4hsYwF_CqRDdpuv9m_UiHlC88qzih2eDKsH4iKel2APOojCjsbj0O8o68iQUxV_rXvdGLHllhf0LQIKz45QXfHByNYqolsyEvg4harU-m2cA7trubg7ytiD3g-IhXOjKS0wXNfPM3ZfXGk7KhcsIR-LtMtesugEq4ZlRHGnPzZaQ8LRrNATEP48WOcO_zx3H9i8qROwD8N0PeVo6bi3kOnDjeFTYy3depriADsxYx48WrSgnnWh-KbqsMTHJcoFmKyAZSaxnecg6SCumJurFRtN9H3x1QidCmx0Ue6IiQRlZER37PxekcJrowatlMpjBoxpJmkcafJIGkmxWIQWUZQTeMO-CEaZvKdSM67RRWelWwgitSg0e6ptrgf5tfKG9BSwT42DOZQZ131N4O5CXV_YY4au2_hU3LEZEk9-q71NA4kpSWEs2JJ6ixvJ54tDglLi4dmEKyjbmPvOcax5O8g_b37AvmXouBCiUVULD8EyimojqJUhLYsdjqSdjvgBzRSoW1kDjlC-XuINJ8ESRyGTn0l1h_4oMia1A9UjO-Y9ctja0VojBLYCnkjSsDogYuwyYPIZa-q5SOsIA6r2kPFyEiQamR9wOC9nE0vzUPqPS0eMZlsSb4usH4KT21chKWm52rWyHsK0Tdj8ZXxICQDAeIcT3h6lTTheItdoiQ6XVpnDW0rdZS986O_rIL0kbEcKGIT7480gMSLlEy4nm6UCtUgpUEFL2uMpvuLlGIHiCL7Gm_qPJ-G6zGsCatpTgTzZst0kSEWx7-PpDzbqlZg_ZWpi8F6SBskAQkSI_ayxk-jeCGTWDOEDdHXaER7geHcSUTd4WVlb50ytFe3m7c2tFmoGXakZCTQ95DuCUtV1B2HaQxc3DyjukSJm4lu4UJyJEzPSNH9HSsygxNx3W21Lje7_8QlaZm8rkrrwIIU3yy2nMvZWupD7IN2V2cF3nyWKRQpMU05TA-19wnK1fn0FsJx1aanXeyCscXaX0EPr-WVHRruhGB6sHyKNxgsnCNtk7tqiihhfUIFZxiJKKc5pj4zHfcAHG0op6gnHs3oI_y2kyElv6FpoUpTE9qQ4v48swfOXoYKwa3i9aitzdPNIbvkDNnaZpntSJTE58clGuQUbaLvAjnrretx_uSYPzXpnOLRTGFl5y7iuh6c90Wrd1L9jQFguMsSAZvb0f-r2cHgAe8eUwcOqklb5X2hbVTH-TbchH6QFUMwfL_khkUZEc3ddiKVT_BHz-j_Ki2RByNmuoATCgG_8nSvo9gUHfJBia0eD38pKZ247cvTxlCR51BhukOLYVgpavtOnukUmz4FdW7Gxrja5SaQQyqXQMRXM8g30tfhUDhO43dohgNWEbYMRG0eIq94dgAylgu8MtPqmov_pPzbcAJ6WCGqOmX-U6G-EWE_ZmCNhVMYV4LVo_rJ4VWx5xKIHjlCowe2Ygpr_aq2LENRsrZJCrezyJvZvYL0H6C3CpXv6A4yUd6dHVWGlQ5thigJRsysIaEGwvdQC8dbB4hF0iAJLmM8Xipq5TZPybXLsfsfkhEGMd21KvgysgDnjl3HgQfMWAF05IdFiAPtfuJvi6zq_5TN9v5HAHUaJshn2II4gqQuF1k7QSHQJFGgDcWXPde4q3XYNDOrCO1LfNd9Lkh3wGlQIBBJOAC8eF__ts19wZao4yUxw5Ea81HZfCg9OQ4XJ6wb-Sws6bVVsqezcARLfMSpg2LG44U1W9pnixI406MWEjWaXA7DjBYlJP0io2fTG-hg5GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7507174334378103&ias_chanId=1&ias_placementId=20262206047&bidurl=https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0inKlnRlpSirduXiMAPjLHd&adsafe_url=https%3A%2F%2Fmypaylogin.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fmypaylogin.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-7507174334378103%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D7&adsafe_type=be&adsafe_jsinfo=,id:82f3fddf-3880-7f88-5a5a-d6122346d5f0,c:2c7NHC,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d966585d8-22fqq,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:38,oid:e6c690d1-ba40-11ee-a60c-a61eac8a832a,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
728x90.html
dco-assets.everestads.net/ics-campaign//5031/t/8820/9/ Frame E0BB 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbBBMgAAKKt2amCi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7bb76122e2d950387459f7efa8f089c712c3afb8a3378a3aae3c6282445435f4

Request headers

Referer
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbBBMgAAKKt2amCi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2548
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 22:44:03 GMT
ETag
"1a984536a-241b-60561761f6700"
Expires
Tue, 23 Jan 2024 23:44:03 GMT
Last-Modified
Fri, 15 Sep 2023 08:20:12 GMT
Server
Apache
Vary
Accept-Encoding
X-Permitted-Cross-Domain-Policies
all
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C28 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOWZYCaIY_vgNPW95K0qNvxutOXwdy9rMGwlgVhvURljLavpWqTtxPSkl1nv-a7AGzE1mol41-_YvXDx69B5Tz5BPZhGKMph5ixha1RijIDIVFQEDTBLyg&sig=Cg0ArKJSzLvUciIMEyFUEAE&id=lidar2&mcvt=1004&p=0,0,600,120&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706049840567&rpt=1346&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8271 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoTC7QIoSVqXhodyMHVhMdp9iZru1grmReRZXX7bjXuo6g5tHXcHcgf18iSo5qP73jqqAFv4aVLlmdEj1cMZBlGeTBGqTOFdUb3SrRFrIf7EaL5GS-o-BN&sig=Cg0ArKJSzM7E5IKtUAOrEAE&id=lidar2&mcvt=1006&p=0,0,600,120&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706049840588&rpt=1360&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
b1t-sindc1.zemanta.com/t/imp/view/UVRIPLH5ATQHS24RYKHXVTDGAMYYPABKJ3SZVBT4JYMKIQB5763ZO6RP7F6EAM5GSNLDNRRZM27ZD2ZMXIDSOGEHWHR5VBXAYEGTRF2S5H3FZG5TF3NJFC66LJ6QCSGUYF2F4GDW2MIT6BAIX56NNXVTSZ6HOVWAHYF... Frame 8271 		26 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1t-sindc1.zemanta.com/t/imp/view/UVRIPLH5ATQHS24RYKHXVTDGAMYYPABKJ3SZVBT4JYMKIQB5763ZO6RP7F6EAM5GSNLDNRRZM27ZD2ZMXIDSOGEHWHR5VBXAYEGTRF2S5H3FZG5TF3NJFC66LJ6QCSGUYF2F4GDW2MIT6BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3C6YSJL5JKHGGOD6F3VA4ZUEXT6BLZWPVCW56QGBJ2VDPPGMY3CH5OTGUBJQCOK6HGEVBJ37YLV5SAQQGQFXG3V2RCQVVU3PRTYIBDGEBBWJDCHWM7VWZJS73FX5PDFW2JS57MANPJETR4EGDSYYUGPP7YP763CO2C36O6C2WNBWDSAXVMA6MW2KZ2GSZULQ/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Date
Tue, 23 Jan 2024 22:44:03 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
b1t-sindc1.zemanta.com/t/imp/view/UVRIPLH5ATQHS24RYKHXVTDGAMYYPABKJ3SZVBT4JYMKIQB5763ZO6RP7F6EAM5GSNLDNRRZM27ZD2ZMXIDSOGEHWHR5VBXAYEGTRF2S5H3FZG5TF3NJFC66LJ6QCSGUYF2F4GDW2MIT6BAIX56NNXVTSZ6HOVWAHYF... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-sindc1.zemanta.com/t/imp/view/UVRIPLH5ATQHS24RYKHXVTDGAMYYPABKJ3SZVBT4JYMKIQB5763ZO6RP7F6EAM5GSNLDNRRZM27ZD2ZMXIDSOGEHWHR5VBXAYEGTRF2S5H3FZG5TF3NJFC66LJ6QCSGUYF2F4GDW2MIT6BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3C6YSJL5JKHGGOD6F3VA4ZUEXT6BLZWPVCW56QGBJ2VDPPGMY3CH5OTGUBJQCOK6HGEVBJ37YLV5SAQQGQFXG3V2RCQVVU3PRTYIBDGEBBWJDCHWM7VWZJS73FX5PDFW2JS57MANPJETR4EGDSYYUGPP7YP763CO2C36O6C2WNBWDSAXVMA6MW2KZ2GSZULQ/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD, GET, OPTIONS
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
600
Connection
keep-alive
Date
Tue, 23 Jan 2024 22:44:03 GMT
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7Oey,time:2079,type:e,im:%7Bpci:%7Btdr:2018%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:2079,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2069~0%5D,as:%5B2069~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:273,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:38,sis:222%7D&br=c
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:03 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
style.min.css
dco-assets.everestads.net/ics-campaign//5031/t/8820/9/css/ Frame E0BB 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/css/style.min.css
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:03 GMT
Last-Modified
Fri, 15 Sep 2023 08:20:12 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1a9f00761-11d1-60561761f6700"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4561
Expires
Tue, 23 Jan 2024 23:44:03 GMT
AMOLibrary.js
ads.everesttech.net/ads/static/local/ Frame E0BB 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.189.200 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-189-200.us-west-2.compute.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
cache
date
Tue, 23 Jan 2024 22:44:03 GMT
last-modified
Wed, 22 Dec 2021 09:29:42 GMT
server
AMO-jAds/1.1
etag
W/"5582-1640165382000"
content-type
application/javascript
cache-control
cache,store,max-age=86400
accept-ranges
bytes
content-length
5582
script.min.js
dco-assets.everestads.net/ics-campaign//5031/t/8820/9/js/ Frame E0BB 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/js/script.min.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:03 GMT
Last-Modified
Fri, 15 Sep 2023 08:20:12 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1a921bdf6-1cef-60561761f6700"
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7407
Expires
Tue, 23 Jan 2024 23:44:03 GMT
c.gif
www.bing.com/aes/ Frame 0628
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe55ded0-e7e0-4e6b-9971-371ad14cad30&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=8e6c208c-6a43-4754...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=387b878c7bef4f9f83da8fc8a450593d&tids=15000&med=10
0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=387b878c7bef4f9f83da8fc8a450593d&tids=15000&med=10
Requested by
Host: mypaylogin.com
URL: https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/
Protocol
H2
Server
23.32.29.106 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-29-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3CA4EAEA61A547E1BAD6A82F9E0BFEE3 Ref B: SGEEDGE0517 Ref C: 2024-01-23T22:44:03Z
x-cdn-traceid
0.661d2017.1706049843.364150a3
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 23 Jan 2024 22:44:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 38AA81821430468C85F20D595B23B09D Ref B: SIN30EDGE0306 Ref C: 2024-01-23T22:44:03Z
x-cdn-traceid
0.661d2017.1706049843.36414ee9
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=387b878c7bef4f9f83da8fc8a450593d&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
expires
0
/
ipv6.adrta.com/ Frame 0628 		0
50 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipv6.adrta.com/?callback=_1706049843256
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.245.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-245-107.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:04 GMT
content-length
0
server
nginx
i
adrta.com/ Frame 0628 		143 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=58931397&__aasv=23.001&__aaii=4878549940023656282&__aait=1706049842517&__aavz=-480&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=1&__aaag=9&__aahd=%7B%22chrome%22%3A1%7D&__aarf=3&__aart=11&__aaax=0&__aaay=0&__aasz=728x90&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=0.31007576&__aaxf=182.55.133.166%2C%2010.2.1.133&__aaci=udm&paid=udm&avid=1507&caid=9439&plid=48183&siteId=18969&publisherId=4013&kv14=UDM_MEDIA&kv5=edge&kv3=68DC2E53-1676-31E9-B15C-E491BAA0D92C&kv4=182.55.133.166&kv24=Desktop&kv12=18969_1_slider&kv6=&kv8=&kv9=&kv11=181e0cf22a177fb&kv2=mypaylogin.com&__aapu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&__aapr=&__aatu=https%3A%2F%2Fmypaylogin.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.250.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-250-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6913234ee41c1f7bb6d8280d63bc638199636d19f0939ce1e6e345ad4695def0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/javascript;charset=ISO-8859-1
pragma
no-cache
date
Tue, 23 Jan 2024 22:44:03 GMT
cache-control
no-cache
content-encoding
gzip
server
nginx
expires
Thu, 01 Jan 1970 00:00:00 GMT
vevent
sin3-ib.adnxs.com/ Frame 0628 		0
984 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&e=wqT_3QKoCPBAKAQAAAMA1gAFAQiwgsGtBhD2oYPlxuix7TMY3_zWmMXK5W4qNgkAAAAAoPWkPxEAAAAAWOmjPxkAAACAPQr3PyEREgApAQnooPWkPzEAAADA9SjMPzDM2ucNOMoMQLVeSOMDULqJirYBWJe0pAFgAGj1rMgBeNjTBYABAYoBA1VTRJIFBvCQmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCwQTgAtKmB-oCSmh0dHBzOi8vbXlwYXlsb2dpbi5jb20vcGF5LXN0dWJzL21vbmRlbGV6LWludGVybmF0aW9uYWwtcGF5LXN0dWJzLXcyLzIyNzAvgAMAiAMBkAMAmAMXoAMBqgObAwqxAmh0dAVgIHd3dy5iaW5nLgFeLGFwaS92MS9tZWRpYQFQ8EwvdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPThlNmMyMDhjLTZhNDMtNDc1NC1hYWU1LWNkMmRjOGFkZTgwOSZiaWRJZD0xNTAwMAEMVGRlcklkPTQmY21FeHBJZD1MVjMmb0EyXAAYcHVibGlzaAUpJDE2MjY0NTMzMCYBN5JxALhydHlwZT1udXJsJnRhZ0lkPTI4OTYyMTI0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8P1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzczNjUxNzkzNzU1MTQyOTg3OCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFV3TnpVeU5qSTJPVEUxTVRJak1qTXpOamczTkRVeU5qUTRPRGM1TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTgyLjU1LjEzMy4xNjaoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBe3c7MrRzs-JOcAFAMkFAEHoFADwP9IFCWUXAQFw2AUB4AUB8AXu5Dj6BQQIABAAkAYAmAYAuAYAwQYBIQExJNAGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH2NMF0gcNFWUBJgjaBwYBXvByGADgBwDqBwIIAPAHv8XuAYoIRwpDAAABjTh-o4Az2sdEbKDQ9ii1dK0njaEtkJGa_OwboNtbEAa2mo9Eg8jmgF7dvzafLt7xgRcn4iTZuRM3pZlWvs-5oRABlQgAAIA_mAgBwAjBBNIICQj___8_EAAYAA..&s=49c6d1436ec38008f020950157442dbe1d6602da&type=pv&jm=1003&px=436&py=1110&bw=182&bh=90&sf=1&sid=7139843351470667495&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28962124&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:03 GMT
an-x-request-uuid
7a50e487-8b00-47e2-9482-9b3057c2f2c9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://mypaylogin.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
182.55.133.166; 182.55.133.166; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8820/9/ Frame E0BB 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/SegoePro-Semibold.woff
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c

Request headers

Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
Origin
https://dco-assets.everestads.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:03 GMT
Last-Modified
Fri, 15 Sep 2023 08:20:12 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1a984536b-74a0-60561761f6700"
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29856
Expires
Tue, 23 Jan 2024 23:44:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AE12 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZMED1Rare6rG84lKlO8pVZxxnOo1moUtU6hrQmjhwu2OC42j3SUpQw7pHPjLPn3TLvlxX8jz2TBhUsm9vFvDhAGhF66ejb4c7pdiHMl5fndZWxciEhgUZu2LfPneT2Z17sp3tjUswNIDqG62ifao6eK0i&sai=AMfl-YRA4zRxhG9YRDDmAt6brtoQMJFLsmicxpMjrk1tpYyHHIcY5F-l26asgCeEQPNK5CMsz3qZsNu0CaT5CyqN0t1aLC3y4SyC0i9UiaTN-MPAKj-zbkfaLH12jI_Wd0x28d9ka9HO_YAVpqJF_PwM&sig=Cg0ArKJSzKCxxywsJv4pEAE&cid=CAQSTgAvHhf_7bNfcGWqOMlMcORGvNR2XwoPTkOFyesG_ksLOm1VbKns3AES3zEqYNixuOFNVvaZ4sSONOjFhI1mlwOw4wWJST9IqNn0xvoYORgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706049840612&rpt=2274&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		0
67 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6575260646613&version=m202309260101&ct=76&x=1&cor=14846434998272092000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
f773dc1d3e70051a550d3a4e44211c436b5034fc916f88f8af2e96f61e231c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12257
x-xss-protection
0
i
adrta.com/ Frame 0628 		15 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adrta.com/i?cb=11872793&__aasv=23.001&__aaii=4878549940023656282&__aait=1706049842517&__aasi=9421620663313426849&__aast=1706049842048&__aavi=1587991729122152335&__aavt=1706049842048&__aavz=-480&__aaib=1&__aaai=1&__aaaa=1&__aafl=1200&__aaaf=1&__aaag=9&__aahd=%7B%22chrome%22%3A1%7D&__aarf=3&__aart=11&__aaax=436&__aaay=1110&__aasz=728x90&__aapf=1&__aaec=4&__aaup=2&__aaat=400&__aaae=1&__aaav=1&__aaas=1008&__aaah=0&__aapc=400&__aaph=4471&__aapw=1600&__aap1=1&__aap2=0.341&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=0.31007576&__aaxf=182.55.133.166%2C%2010.2.1.133&__aaci=udm&paid=udm&avid=1507&caid=9439&plid=48183&siteId=18969&publisherId=4013&kv14=UDM_MEDIA&kv5=edge&kv3=68DC2E53-1676-31E9-B15C-E491BAA0D92C&kv4=182.55.133.166&kv24=Desktop&kv12=18969_1_slider&kv6=&kv8=&kv9=&kv11=181e0cf22a177fb&kv2=mypaylogin.com&__aapu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&__aapr=&__aatu=https%3A%2F%2Fmypaylogin.com
Requested by
Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=23.000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.250.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-250-10.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/javascript;charset=ISO-8859-1
pragma
no-cache
date
Tue, 23 Jan 2024 22:44:04 GMT
cache-control
no-cache
server
nginx
content-length
15
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 22:44:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7830 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
329444
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 03:13:20 GMT
expires
Sun, 19 Jan 2025 03:13:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C714 		829 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
GSE /
Resource Hash
f389e0da5f4c077f7ac79992bd2797a3b8bec1cb749406fcc27bbb690f9a79fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vrhGR8rBFIrIGqOcTG_00A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mypaylogin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vrhGR8rBFIrIGqOcTG_00A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 22:44:04 GMT
expires
Tue, 23 Jan 2024 22:44:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame C714 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=3086412098281208&rc=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 7830 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 08:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
53015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 08:00:29 GMT
e51232cf9fc8dd7b4756cbe34f3be9cc.png
dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame E0BB 		110 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:04 GMT
Last-Modified
Tue, 23 Jan 2024 11:47:05 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"106564822-6e-60f9b816a5bf9"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
110
Expires
Tue, 23 Jan 2024 23:44:04 GMT
bc859416dcd3cc000a830125e502f657.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame E0BB 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/bc859416dcd3cc000a830125e502f657.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d0db4e94545619b68315896652b0b4be28ad90d974517ecae967da3564d3b3e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:04 GMT
Last-Modified
Mon, 22 Jan 2024 19:42:07 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1157334a4-7dfb-60f8e066ddbd2"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32251
Expires
Tue, 23 Jan 2024 23:44:04 GMT
bc859416dcd3cc000a830125e502f657.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame E0BB 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/bc859416dcd3cc000a830125e502f657.png
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/js/script.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-136.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d0db4e94545619b68315896652b0b4be28ad90d974517ecae967da3564d3b3e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8820/9/728x90.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 22:44:04 GMT
Last-Modified
Mon, 22 Jan 2024 19:42:07 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1157334a4-7dfb-60f8e066ddbd2"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32251
Expires
Tue, 23 Jan 2024 23:44:04 GMT
imp
analyticspixel.microsoft.com/aid/ Frame E0BB 		0
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZbBBMgAAKKt2amCi&dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560290187$dcmrenderingid|168311820$dcmsiteid|6958819$dcmplacementid|369677253$customer|Microsoft$dv360auctionid|ct=SG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0005.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 54C0F6C49C6344BB8FA84F42B324E6F4 Ref B: SG1EDGE0306 Ref C: 2024-01-23T22:44:04Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 7830 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mkfYBQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:44:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.8.0&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:04 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://mypaylogin.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
fed
ups.analytics.yahoo.com/ups/58809/ 		391 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://mypaylogin.com/pay-stubs/mondelez-international-pay-stubs-w2/2270/&pixelId=58809
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
94d7afe6e5a21a77443a2cb3b4641c4e52bf7fcb60a10b5ab22cfdd8771f3b06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://mypaylogin.com
content-type
application/json
access-control-allow-credentials
true
rid
match.adsrvr.org/track/ 		109 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
d3828fe7866e507812b3bda518e0f250cda4ff8ab83f28e5eb20efecdfd7d36c

Request headers

Referer
https://mypaylogin.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 22:44:04 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://mypaylogin.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 22 Feb 2024 22:44:04 GMT
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7OJg,pingTime:1,time:3983,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:37%7D,%7Bpiv:100,vs:i,r:,t:2980%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:2980,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2971~0,0~100%5D,as:%5B2971~728.90%5D%7D%7D,%7Bsl:i,t:2980,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:263,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:38,sis:222%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:05 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7OJg,pingTime:1,time:3983,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:37%7D,%7Bpiv:100,vs:i,r:,t:2980%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:2980,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2971~0,0~100%5D,as:%5B2971~728.90%5D%7D%7D,%7Bsl:i,t:2980,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:263,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:38,sis:222%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:05 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=3086412098281208&bg=!hYalhsnNAAa8BdJLnAU7ADQBe5WfOK85w9Nj0nDclRsqbyRB1j5BJHG_AqFolfjd8iFN3Q8l_S6x8tec7vBJ3a7rceUpAgAAAHNSAAAABGgBBwoAvbiiZm5xVek0gskGjL0c18qjUyB_U_yaGogKahmGJN9hbj9R9SFPpqEK3PwH6ALUsJCtB_M6xqyq9H2kAtRBAXddQjmOZ4i5QPcZXSI1bYAoaphXrAI0nLhdUsbNBFOmBvzxa8dLY_7rPZBQo0TD4S62-tJ5UGJrn1zXVtYdRsi2i54lNwS8XobrxUY5wYjRLuGxodkw3J6xPb0k2MWIOl6_311JAsmlHUFRGqt4sBOruhcqoz5vH1l-HhL3rpkCwGw-5SxxhaM9SbXbxatm_5oGXXCuANeq3pruAlJAEzCayaKzmk9vTV_rZF_nwZbhPtQn3Qb5hWalUrRnC15YxIhFHI7K7qAzG032hsmiR5MGu5x_mnQZqqkE9km1QPsH0QjGFoYtIolHtykUQl4K2zodmupJsUO0fUPx9QoFRpba91stzAbH2zj7MmSg_Q-OV8Mfa-_1G0yrfRKnlvh62eJNWNpxJj9ZkxHPxdLa5SLPHqgFLGNq76gcsfrMRsb39A6djdo4PGAKAW7MIcGSUncFfLI3NAxs0YM68kgMLCXzlOQQaSXKdIC_s8wOW2rzocLTH_WMyMlyP8RVTu_Xs0MiwmjVgL2EU0E6bqicd_P9n6icrO56ekn51Bbm81F8TTA0lDp_Cqy2-J7i8NSvZFV_icNTKNQY7MGt9Arku2N3Zw9DFgvLY9iGMNJUZGtRSBVsn6kb7K7lHbf-4qCY-7mD5ayvoc3HUSjuTlFyWMY-0OjWzGgi3AA9psETILePOhufLDLd_kpekULtklzTMQ8zYiUlzD7H_ZIk9qwj48wEp29aIqEOSU30-DBD02xFlIAqPdxF_1V4fB2jCOkAjOxUpoOD-_Ouv51XdbmGlW3sEhCdbMyDPK-fDgXgAoQNkCrqzmMqQdxnEkSVsmSks2FHksEsxC-DvuEgcXYwwJgxCV5UUbtUmdq4aJ2zASiaiU5I3bUQ5T-seqKJRGHQqfPG_X8f3ki6-4slaDRWTmzu1bXsqgHwBeBXfgVFzQyyrslEVojmoOSD8olpxfCpu0USS5B81_2hWdkDh_ZnK77CP6NxydoC7WqdObdbQSF9xcMgX-Bv3PpZuoLP4Z9y3-kE1vLMeKrYzIoyKvrPIqXOHc9egS0O7fxAyHSQvQIwPPO2UnK6hLrs379ei9lYrYP3J65_vwGTXiCvOnm_LZcb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mypaylogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ZENITH_GLOBAL_ORACLE_DCM1&ol=2290092559&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=11&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fmypaylogin.com&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&cu=1706049840874&m=5875&ar=805b0ce1b97-clean&iw=0eae4ac&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1174%3A1174%3A2222%3A2221&aa=1&ad=5192&cn=1121&gn=1&gk=5192&gl=1121&ik=5192&ic=5192&ez=1&co=1121&cp=1111&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5182&cd=1312&ah=5182&am=1312&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=1106306%3A30854470%3A385871515%3A208358873&bo=6604461&bd=mypaylogin.com&gw=zenithglobaloracledcm444268370365&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&zMoatOTC=30854470&zMoatOT=1&zMoatOTR=1&zMoatOTG=1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jm=-1&mr=2&ml=30854470&tc=0&fs=207009&na=1923982222&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:06 GMT
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ZENITH_GLOBAL_ORACLE_DCM1&ol=2290092559&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=12&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fmypaylogin.com&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&cu=1706049840874&m=6076&ar=805b0ce1b97-clean&iw=0eae4ac&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1174%3A1174%3A2222%3A2221&aa=1&ad=5393&cn=5192&gn=1&gk=5393&gl=5192&ik=5393&ic=5393&ez=1&co=1121&cp=1111&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5383&cd=5182&ah=5383&am=5182&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=1106306%3A30854470%3A385871515%3A208358873&bo=6604461&bd=mypaylogin.com&gw=zenithglobaloracledcm444268370365&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&zMoatOTC=30854470&zMoatOT=1&zMoatOTR=1&zMoatOTG=1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jm=-1&mr=2&ml=30854470&tc=0&fs=207009&na=1484285236&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:06 GMT
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7PLK,pingTime:5,time:7981,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:37%7D,%7Bpiv:100,vs:i,r:,t:2980%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:2980,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2971~0,0~100%5D,as:%5B2971~728.90%5D%7D%7D,%7Bsl:i,t:2980,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:244,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:38,sis:222%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:09 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AE12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=82f3fddf-3880-7f88-5a5a-d6122346d5f0&tv=%7Bc:2c7PLL,pingTime:5,time:7982,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:37%7D,%7Bpiv:100,vs:i,r:,t:2980%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:2980,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2971~0,0~100%5D,as:%5B2971~728.90%5D%7D%7D,%7Bsl:i,t:2980,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:244,fm:u2efgHB+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1*.1525559-72176526%7C1f11%7C1g%7C1h,idMap:1f1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:38,sis:222%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.66.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-66-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:09 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ Frame FBB3 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&dMoatBDS=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F406587087795472235&i=ZENITH_GLOBAL_ORACLE_DCM1&ol=2290092559&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teJyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=13&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fmypaylogin.com%2Fpay-stubs%2Fmondelez-international-pay-stubs-w2%2F2270%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fmypaylogin.com%2F&lp=https%3A%2F%2Fmypaylogin.com&t=1706049840874&de=890560283690&cu=1706049840874&m=10686&ar=805b0ce1b97-clean&iw=0eae4ac&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1174%3A1174%3A2222%3A2221&aa=1&ad=10003&cn=5393&gn=1&gk=10003&gl=5393&ik=10003&ic=10003&ez=1&co=1121&cp=1111&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9993&cd=5383&ah=9993&am=5383&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=1106306%3A30854470%3A385871515%3A208358873&bo=6604461&bd=mypaylogin.com&gw=zenithglobaloracledcm444268370365&zMoatOrigSlicer1=6604461&zMoatOrigSlicer2=N%2FA&zMoatOTC=30854470&zMoatOT=1&zMoatOTR=1&zMoatOTG=1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jh=-1&jm=-1&mr=2&ml=30854470&tc=0&fs=207009&na=1011289383&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.216 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 22:44:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 23 Jan 2024 22:44:11 GMT

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| gaGlobal function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery undefined| RS_CacheGS undefined| RS_CacheGS_queue undefined| RS_Cache_define object| tpGS string| ease object| punchgs object| gsapVersions object| Back object| Bounce object| CSSPlugin object| Circ object| Cubic object| Elastic object| Expo object| Linear object| Power0 object| Power1 object| Power2 object| Power3 object| Power4 object| Quad object| Quart object| Quint object| Sine object| SteppedEase object| Strong function| TimelineLite function| TimelineMax function| TweenLite function| TweenMax object| gsap function| CustomBounce function| CustomEase function| CustomWiggle object| DrawSVGPlugin function| TPGSSPLITTEXT object| MotionPathPlugin object| ScrollToPlugin undefined| GreenSockGlobals undefined| _gsQueue undefined| _gsDefine object| RSANYID object| RSANYID_sliderID object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields string| GoogleAnalyticsObject function| ga function| __h82AlnkH6D91__ function| setREVStartSize function| google_spfd number| google_unique_id object| google_sv_map object| swv object| wpcf7 undefined| Cookies object| AICP object| Modernizr function| Waypoint function| PhotoSwipe function| google_sa_impl object| googlefc object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZDA2NmFlYTkyNjUzNGY3M2xvYWRlcl9qcw== string| ZDA2NmFlYTkyNjUzNGY3M2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| __p4qa8r1lb17__ string| cHViLTc1MDcxNzQzMzQzNzgxMDM= function| PhotoSwipeUI_Default function| citadelaApplyFancybox function| citadelaOpenFancybox function| citadelaGetCaption function| citadelaGetPswpHtml function| citadelaLoadOriginalImageSizes function| citadelaGetOriginalImageSize function| citadelaResponsiveClass function| citadelaTriggers function| citadelaResponsiveMenuCloseBtn function| citadelaMainMenuScroll function| citadelaSubmenuManagement function| citadelaSubmenuClickAction function| citadelaCloseAllSiblingTopLevelItems function| citadelaGetMenuAdditions function| citadelaGetMenuAvailableWidth function| citadelaMainMenuBurgerPrepare function| citadelaMainMenuBurger function| citadelaCloseAllTopItemsSubmenus function| citadelaCloseWoocommerceCart function| citadelaResponsiveMenuOnDesktop function| citadela_isResponsive function| citadela_isUserAgent function| citadela_isMobile function| citadela_isTablet function| citadela_isDesktop function| citadela_isAndroid function| citadela_isIpad function| citadela_isTouch function| citadela_emToPx function| citadela_pxToEm object| gglcptch object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| gaplugins object| gaData object| udm_ads_queue boolean| udm_edge_init object| _qoptions object| _qevents object| addComment object| google_llp boolean| adsbygoogle_ama_fc_has_run object| twemoji object| wp string| waypointContextKey object| recaptcha function| quantserve function| __qc object| ezt object| udm_r3Chunk object| udm_r3 object| _pbjsGlobals object| mnet function| endedHandler function| udmPbcsRun function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates object| googletag object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds object| closure_lm_398825 boolean| 3eea3028-8855-4eb8-915c-80a3a9354dc4 boolean| google_empty_script_included number| lnt_z object| GoogleGcLKhOms object| google_image_requests

72 Cookies

Domain/Path Name / Value
.mypaylogin.com/ Name: _ga_1B7F7WKTNY
Value: GS1.1.1706049837.1.0.1706049837.0.0.0
.mypaylogin.com/ Name: _ga
Value: GA1.2.692948144.1706049838
.mypaylogin.com/ Name: _gid
Value: GA1.2.1145980483.1706049840
.mypaylogin.com/ Name: _gat
Value: 1
.udmserve.net/ Name: dt
Value: 68DC2E53-1676-31E9-B15C-E491BAA0D92C
.sharethis.com/ Name: __stid
Value: ZGQAA2WwQTAAAAAICOJAAw==
.sharethis.com/ Name: __stidv
Value: 2
.mypaylogin.com/ Name: __gads
Value: ID=8e0f0917d1d54923:T=1706049839:RT=1706049839:S=ALNI_Man85TYCKZPKBjCbd9DKUhB-XUwnw
.mypaylogin.com/ Name: __gpi
Value: UID=00000cee6cc72bf2:T=1706049839:RT=1706049839:S=ALNI_MY9ToL4I5EzeNspFz8edJ9NQmJKhA
.mypaylogin.com/ Name: _ga_BMRF6YZ128
Value: GS1.2.1706049840.1.0.1706049840.0.0.0
.adnxs.com/ Name: XANDR_PANID
Value: 0e0Vsl6wsviVQ06aqOl2zhXJ4KBVruW0mcUUOq-C2mM2-hYMpvpuHEe-XUlMBie57dG7DZAzOPiiSbEMtTdPrJu_xkSfwEdFhdQ7PyPj3xc.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 62371258768408159
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.yahoo.com/ Name: A3
Value: d=AQABBDBBsGUCELXd5a1d33Dg5S6WaqAHXtkFEgEBAQGSsWW6Za9C8HgB_eMAAA&S=AQAAAi9qi9VSw_bEhzf1tSHm6oM
.casalemedia.com/ Name: CMID
Value: ZbBBMIpFRXEkccilE8pBJwAA
.casalemedia.com/ Name: CMPS
Value: 4798
.casalemedia.com/ Name: CMPRO
Value: 4798
.pubmatic.com/ Name: SyncRTB3
Value: 1707177600%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 982B9EE5-B7A7-400B-979A-F7E3A44F13A1
.analytics.yahoo.com/ Name: IDSYNC
Value: 19di~2gcm
.mypaylogin.com/ Name: fpestid
Value: VvRPJT_VnP8-cr4zkmW6BVd-110ri3JrX8Gv-HC60ohr6Tl86fCgpW-12cqC00h95FodHQ
.pubmatic.com/ Name: pi
Value: 156505:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.udmserve.net/ Name: apnid
Value: 62371258768408159
.doubleclick.net/ Name: IDE
Value: AHWqTUnJTUOS2wZoMj0hfugMsYryK_j246XvAE4rNKh1zbMt2zlgGq8YxOgs5Eqw6QY
.udmserve.net/ Name: yahoo
Value: y-9D29.YpE2uLpa4Ag0lVhHUn8a.sEL.PA~A
mypaylogin.com/ Name: udmsrc
Value: %7B%7D
mypaylogin.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mypaylogin.com/ Name: _sharedid
Value: 432f6371-3601-47a6-b08c-f4901c8f08d4
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJyN0eWmQY9191eUbWogv5EOrwQHG0HtAO9kFkXemBbjVl1y173imH6SXhuKWcBci8bogfw3dCAHc/agkX3HLcCA8njqUHYtNLm4P2AOCaMW6yL42iJO
.bluekai.com/ Name: bku
Value: CPTO9eOOLsUguSTN
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImGZ@Os!!1yIE`fS1ueD1W-044)d+]UenTfeIW+[8-Hne?Q=.9(b_FFI4T1FtR4n-($JP(hw9P-HC_#tu1t*!_i_
.udmserve.net/ Name: indx
Value: ZbBBMIpFRXEkccilE8pBJwAAEr4AAAIB
.doubleclick.net/ Name: APC
Value: AfxxVi4uqIYChDDBKFkGxCwk2V6DXTqHmKYK-PLZ9kmGxozJ0MOhaw
.udmserve.net/ Name: pmid
Value: 982B9EE5-B7A7-400B-979A-F7E3A44F13A1
.openx.net/ Name: i
Value: 432f6371-3601-47a6-b08c-f4901c8f08d4|1706049840
.go.sonobi.com/ Name: __uis
Value: 6d34d8b6-6d66-4c9f-b9cc-94bfc2768202
.prebid.a-mo.net/ Name: __amc
Value: 1_1706049840_1706049840
.a-mo.net/ Name: amuid2
Value: c65f98b8-29b1-4a6f-a916-329b7f88d19c
.prebid.a-mo.net/ Name: sd_amuid2
Value: c65f98b8-29b1-4a6f-a916-329b7f88d19c
.mypaylogin.com/ Name: __eoi
Value: ID=aa935d4739b7cffa:T=1706049839:RT=1706049839:S=AA-AfjYBHDiW74nREYygw3UrRRQg
.mgid.com/ Name: lmg_usr
Value: 138e98b6-f564-4793-9873-157063d7a67f
.mgid.com/ Name: lmg_r
Value: 24
.adnxs.com/ Name: icu
Value: ChkI8vGJARAKGAEgASgBMLGCwa0GOAFAAUgBELGCwa0GGAA.
.udmserve.net/ Name: udmts
Value: 1706049841.0
.udmserve.net/ Name: sonobi
Value: 6d34d8b6-6d66-4c9f-b9cc-94bfc2768202
.quantserve.com/ Name: mc
Value: 65b04131-30dc9-2d51f-26758
.mypaylogin.com/ Name: __qca
Value: P0-870260267-1706049840689
.mypaylogin.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_4by2P94l6SbOgBhZLs4RiJ8mJ36dAM-vfISt8pRmTGp2I1gF4D_HZRc7X9xPi7aO4H1nFk57COPi1UNBNjoyHd19K1PJ5xhG4fVRwvNzK5KTc72X7YkmZ9383GPSf4aJZcknWUXv2AWoo3w7aVm-sLoi-sQ%3D%3D%22%5D%5D
.udmserve.net/ Name: mgid
Value: 138e98b6-f564-4793-9873-157063d7a67f
mypaylogin.com/ Name: udm_edge_floater_fcap
Value: %5B1706049841471%5D
mypaylogin.com/ Name: udm_session
Value: 1
.rubiconproject.com/ Name: khaos
Value: LRQY0YKI-14-9MXM
.rubiconproject.com/ Name: audit
Value: 1|G2o+Q23yIpx22RnsOU8+WaFZUAMqd+kmoKJGRunAUNvUzGoMUGPRXik5O9EI+f7TNTlXFhx2b4AkEa5N2k7U1SEEFoCDRlfYgOeV7TJonsRCE8+DzHOiDVtVR4PywHiVj3puy1cr3dI95nUVy/R1gA==
pixel-us-west.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.udmserve.net/ Name: geode
Value: 63830817841:182.55.133.166:702:C2222:D-1:S25925:sg:singapore:ZZ:531616:wifi:?:?
.turn.com/ Name: uid
Value: 7041928539521444407
.udmserve.net/ Name: magid
Value: LRQY0YKI-14-9MXM
.adrta.com/ Name: __aavi
Value: 1587991729122152335
.adrta.com/ Name: __aavt
Value: 1706049842048
.adrta.com/ Name: __aasi
Value: 9421620663313426849
.adrta.com/ Name: __aast
Value: 1706049842048
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZbBBMgAAKQd2QGCi
.bing.com/ Name: MUID
Value: 1E8F26A930FC6BB8217D32A631C46AE1
.mypaylogin.com/ Name: connectId
Value: %7B%22puid%22%3A%22a40df85c6d1ca2d9de2b2a99e8a70e507973459d04acf29381451780e139e76a%22%2C%22vmuid%22%3A%22rkkzgiGQ7cI_KWQmZ_PdA61a6kVYBMhj7-dWSLhwSCZUjQLtJcy62aRLPxRv_BWYvSaXnhfO5OfLKPEUfWqyvw%22%2C%22connectid%22%3A%22rkkzgiGQ7cI_KWQmZ_PdA61a6kVYBMhj7-dWSLhwSCZUjQLtJcy62aRLPxRv_BWYvSaXnhfO5OfLKPEUfWqyvw%22%2C%22connectId%22%3A%22rkkzgiGQ7cI_KWQmZ_PdA61a6kVYBMhj7-dWSLhwSCZUjQLtJcy62aRLPxRv_BWYvSaXnhfO5OfLKPEUfWqyvw%22%2C%22ttl%22%3A24%2C%22lastSynced%22%3A1706049844495%2C%22lastUsed%22%3A1706049844495%7D
.microsoft.com/ Name: MC1
Value: GUID=6ce2990d82844ee4b0257a3dc6e25add&HASH=6ce2&LV=202401&V=4&LU=1706049844494
.microsoft.com/ Name: MUID
Value: 058F360AE6FD62343C702205E2FD6486
.analyticspixel.microsoft.com/ Name: MR
Value: 0
.adsrvr.org/ Name: TDID
Value: 2e8698af-5022-4f26-a171-6e89acdb59dd
mypaylogin.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%222e8698af-5022-4f26-a171-6e89acdb59dd%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-23T22%3A44%3A04%22%7D

4 Console Messages

Source Level URL
Text
rendering error
Message:
Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
security warning URL: https://bid.underdog.media/udm-r3_v2.23.3.js(Line 4)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
violation error URL: https://z.moatads.com/zenithglobaloracledcm444268370365/moatad.js(Line 140)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://z.moatads.com/zenithglobaloracledcm444268370365/moatad.js(Line 140)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adrta.com
ads.everesttech.net
adsdk.microsoft.com
analyticspixel.microsoft.com
b1-sindc1.zemanta.com
b1t-sindc1.zemanta.com
bid.g.doubleclick.net
bid.underdog.media
bidder.criteo.com
buttons-config.sharethis.com
cdn.adnxs.com
cm-x.mgid.com
cm.g.doubleclick.net
d.turn.com
dco-assets.everestads.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
google-analytics.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
ipv6.adrta.com
l.sharethis.com
lexicon.33across.com
match.adsrvr.org
mb.moatads.com
mypaylogin.com
pagead2.googlesyndication.com
pix.adrta.com
pixel-us-west.rubiconproject.com
pixel.quantserve.com
platform-api.sharethis.com
prebid.a-mo.net
px.moatads.com
q.adrta.com
rules.quantcount.com
s0.2mdn.net
secure.adnxs.com
secure.gravatar.com
secure.quantserve.com
sin3-ib.adnxs.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
sync.go.sonobi.com
tpc.googlesyndication.com
udmserve.net
underdogmedia-d.openx.net
ups.analytics.yahoo.com
widgets.outbrain.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
zem.outbrainimg.com
103.229.10.180
103.43.90.21
104.69.166.136
13.107.213.59
13.227.254.88
13.228.126.19
13.33.33.118
13.33.88.21
131.153.206.103
142.250.4.100
142.250.4.95
142.250.4.97
142.251.12.157
142.251.12.94
142.251.175.105
142.251.175.149
142.251.175.156
151.101.129.108
172.217.194.149
172.217.194.94
172.64.151.101
18.142.150.10
18.155.68.64
18.164.52.35
182.161.73.145
192.0.73.2
192.9.186.67
199.192.23.231
199.232.46.132
204.79.197.204
207.65.33.76
207.65.33.79
207.65.33.82
23.108.101.161
23.207.181.216
23.32.29.106
23.44.1.119
23.44.1.216
3.121.117.111
3.94.66.151
34.98.64.218
35.244.193.51
35.71.131.137
44.237.189.200
50.116.239.135
52.222.174.21
52.27.250.10
52.32.245.107
54.202.56.183
64.233.170.101
64.233.170.156
68.71.249.118
69.173.158.65
72.34.250.75
74.125.200.155
74.125.24.132
74.125.68.103
74.125.68.157
8.2.110.161
8.39.36.141
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01e1c129dddfd14b2464a7a53b7f4e24766edc3f470823e9083c9cba71f17311
05442fe50b20efb5c302cf1b3e04981f99b523889b6cd7933b277c8a7e5cf6a4
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0
093044b345c60a942f6e9d9ac62f57354748094c3840f9424bd83622f87cbd0a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b59c84236e1aa480f6e46307bc58e447153f649c3e78390495b1ae6ef08730b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf228bfa7cd9d4c526703d7eabee1e278a77943ad402b82bf34678b873d3b4f
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
16866aa41cfbebc6f3d0a6fdb70ac05c4c4dafe07b567be11f8abd735d723c5f
169129c84912473c3eea8cb0783089f986648c26f879f25caf12b9933feedebe
16ede8ff5715099bf3c73973a90102e5354fe02a45124195b703c8e2d0b3363e
186ef034be0975eb4703bc3a33b8fd6e1af8cc773b208340cba91dd522763909
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
29756d1e9926e455608bf53d668030ae9a1b0240f4a3374fe4a5af788bc71c83
29d051bac32d89c8fa8a14d3263d3a1aed42b101b7a5ce0fa942ede1ee9d0891
2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919
2bc98ed208d494602e9e7eedf935a63247a202252e64bd2dc285c5c149aabf3f
2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef
2be499b9fbb00bf70c7b435f13eb92ce73f3d1722dd5a183e7504052975beb26
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e1e8fbe9df3402112a969fdcea480c561cd54897118f937b1b256fe9c7974f7
2f3039b949a8eb8b93be3fc3d9d6b898ad149659090deb13259501d8db130fe8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
388ab5d34a16d8eddc6228744d69f2f89f21ece418dd78862b232766712e33c9
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d2c706c6c0d79356ebb6152ae1e607d31cccff9895043e31ca7f6d34cd79ae1
3dd3db2741c2b611c7b73fdccd23b73a837290292c1fda9c6118d5f315e5360a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07
3eb86615b07916ab553d613a545aec2ffa1c3f04782c42abe24332242bd4cf93
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42f4e997d62b6f60b1fd3c34a4cf4a516d50de43e11861d2a1ddd2c3a830d374
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4812d4e2fbfa080ea51ec6755f24dd8728c9c428cf89ffd34648e7b321801a71
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea29f1197c91fa6ae6707b59b411b7b4ba78a8c7d00f76c6a669ee12a00e2f
4b507a6b61e3dc4917931413919fc3af1c6cc0b682877fc05afa195cbf8da568
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e4b6537817087188f2b27bd665bda87fd649be4359c449649ef29242becf5ba
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50a9333a7ff0d660714662cb1ab49ec81e1ed716eba78c729600166f7338da95
519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54329f087a22b175287800c3ea8d495a49351478315295b9738ab3ff1016ecbf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565fc01023dfe762244eccd1b36f5dbd035555d3d5f5d844729d6b3660999202
57b1d194d4c8a9ba103d41d992bd3e4b1109669874d4a880a4942d860e45eb1a
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ea08c9042d0f2825565788e9aa172bc11f544f8dd68408cdb20289aca43633
648b8cc70a9b4cfb42be64502746cd4020ccb63a1d664972dd9bb5ab9620923e
6913234ee41c1f7bb6d8280d63bc638199636d19f0939ce1e6e345ad4695def0
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a42392f744cf34cdc9eef0942861c7a4e1eba86a20c40dabe35b83f99808262
6c3c1a8c11f7de0a06fcd7662486b70e7e6820061df91ecc8702c02a1006d380
6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
7012a50fcc4cac10fa72ace1844e90f50af25efddd4c6a551a416489e134d718
7163651ced123cbce9a2b5a074444bcddd2d68512e4ba771c6f7244684ee5a6e
71c2b48dc5728a204dec4918ab15d1520e4029fe6ed06ce6a39eaee466b44a9b
7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe
734b9c920ca443dbf993e22a56264e64a738ec99fb2908a5e3f30fdf2480dc5f
759ce2a2ce00d61d23c78b075f72880dba5cec69876073fc1313ccfe536c7101
7722baad4e4647f410651819b53ec66017cf77d84cf7bcf4eebdb157b5502c11
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78fc260a16dbbd76ec3b4da56ccdc7a076d21d31c501e0a17a4175c4a25d95ea
7a98efbd48e727770b5d6f5bc67c24a9b37d4e95ef05d0b2d81362e16ee0f52c
7bb76122e2d950387459f7efa8f089c712c3afb8a3378a3aae3c6282445435f4
7c49bd753274881f6db809246e4b9e32794a1ca11eb04d5e2a9033530eaf80cf
7c7dbd17e97eb9a10fe3bb5c4fc90cebdba9d641543bb7c98b9375bb2325b037
7e94a2942a196d41f4c6e562b10101ef7a1d4d8eed39e93b37fa4d1a2221cfa8
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7f4a1ba88401252d0d2b02d38d90a35726b6ac465b64aae6c2cdae67a45877c1
80be6b743dc602a53fa769ab4661a65895d5d6a41b1b443d2272eaf8d61aacd5
83f5e2eb5da91d5378ef2f65a2af8276598c5cab1be510b2df042c534ac4b237
84569c21aafc5b59c74756c75648de4c4564f7733bc1128b0f259ca4191edf77
85e74cf367fdd70c3bdbb603df85574f4f7e9a99b6f77c3e0b4cee1c9fe5105c
8936a6938f2dc15cb1bab8b433e906b86cb94cdc559de5a580e6eb434749b79e
8b93e0fcf56d23a1af679ed432e454bd3af4b577af1f423395d6aeef584eb041
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db
8d2ea0effa021870f288e25ee77d7b5b4e32db2a116353a7f0db665177938afc
8f376de1bb835d16e1af993423ae06119f7ecd9fa8c3d3bad5d03255ad4bab1b
8faad5c17793080e6d73c4bfc50a4eb37829582de2521021edf69cf5e5488ab9
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
94d7afe6e5a21a77443a2cb3b4641c4e52bf7fcb60a10b5ab22cfdd8771f3b06
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af
9fbb78d831f4409c5d513b230b46466af266b896851f86a80c51acdc664bb135
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3baaf886a32253ae21a7419de47381cefb4e87dd365ba3f0ac9385ab2340457
a742e79e2f8c4d83bffb4016f76454be6ed699e52dd5d1bb3f67fb4c363a343f
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
af0c046f44414343cbaa5f2e1382974e26e3da25fe7bdacbac885b153addcd47
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
baae2691610df9a5db72078c9fcee0b792bb3675eff6640f7f6531992d05a44d
bb681e832636dc759f9e60f8ea6832511b5b1228292aedd6d3646267cc94e256
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bbd180482d27d94faf59a4c4d0e8acefab7c01bc7af4aec22e876277f98985fa
bd132cec40dfd4f31611d972baefccab71ad9c618ac47fe1cbb39afea497f5c6
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c6d6e1b5a8106e8624cd94dfb25383a222f722bb8fa8817780d91405bccd991b
c8329c9621456825f0753aeb5ea135717d1dcf46168a7c59fc40209f5152815f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0db4e94545619b68315896652b0b4be28ad90d974517ecae967da3564d3b3e1
d220665dbe19df77bc04607636e16681d9c5b892f6480b84498813ba28d73982
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
d2a5d145294313d7daea99d2575b46b3441a1cd8fe31223164aee0373e7d8853
d3828fe7866e507812b3bda518e0f250cda4ff8ab83f28e5eb20efecdfd7d36c
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
d7e0374365e92593122f2f64377976a8ff1efe732248583a96609680af52970f
dab55442fb17b93d6dfd52e2b865ef89a68b75a12349f5cd3614390a6d54c0a1
dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c
dce78658e0fab3421f0a09b8073d945f2613c88e043fc2f05c46d400eb7e3dce
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e193a3f239e35e0da483171aaa5b12db5cd117073fa15ab8046db2a797c43b49
e201825fe4d51c3e08748ab335945d9762356d91c62ee1fb4e0ef2077b7c9561
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
e8161ae6557cc11392329f410228363109dd0f7c3ddb595541da5fea640f3fbb
e881bf089d326461acc37044e7090f49ffb6584af18a2343f6da6d95d7acde93
e8d139ee2ae1d25c8d2b6dad4d3618a213d0b0179eb29ae29434e2fd5653f73a
e93687c23f1a36c2934f42f1397ecfc6c0632940ac7269fcf8590597d97288ea
e945bfc9ab13998bd966016c071dfdaf3f65151be0b521bc27de7795a9e28112
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eccb13f25f7c893a7a11cf4b52e6b6f2129ad368c62e894e707d814fb9dd09cb
ecee70821d659714460e00603cc4e03a4fa8521616c3b4d0b44f2cefc0ee94b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f241066e580e5b1d02ac55e3c2c7d91ae93b705ee7690be72099d99c755aa593
f34357a90755589b2147c1ec45cf97c9175877cf0c6456320410ceeb24736e1d
f389e0da5f4c077f7ac79992bd2797a3b8bec1cb749406fcc27bbb690f9a79fd
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f773dc1d3e70051a550d3a4e44211c436b5034fc916f88f8af2e96f61e231c31
f7e21269a2940988509d4b732cb8d7f04a0a6aac8ad2474df6c0feff23af69a5
f9dcd9efbca6af4992031aef6d28bac96069392f7d39f51dcdaef199175b226b
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76